cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


4470
Views
0
Helpful
1
Replies
Beginner

Cisco ASA 5585X Ether chanel with Nexus 7000

I want to configure 5585x Active/Standby with 2 nexus switches utilizing VPC technology. Is this possible?

New ASA 8.4  supports etherchannel so I want to plugin 2 cables from ASA1  to sw1 and sw2 and 2 cables from ASA2 to sw1 and sw2?

Is this a valid design?  how would I configure that? Anyone has design document on that?

All I am reading  that  ASAs have to be in active/active scenario.

/Thanks

Everyone's tags (6)
1 REPLY 1
Highlighted

Re: Cisco ASA 5585X Ether chanel with Nexus 7000

Hi Bro

Yes, this requirement is achievable. You can configure both the Cisco ASA FW (v8.4) to run EthernetChannel with your N5K via the vPV technology. Please kindly refer to this Cisco document for the Nexus portion http://docwiki.cisco.com/wiki/Nexus_5000_vPC_Design_Best_Practices

From the Cisco ASA’s point of view, regardless whether two C6K running VSS or two N7K running vPC, they both appear as a single LACP partner. Hence, for the Cisco ASA, there's no difference if it's a VSS pair or a vPC pair. With respect to vPC, any device that runs LACP (which is a standard), is surely compatible with the Nexus 7000, including ASA/ACE.

Please refer to this document on the Cisco ASA EtherChannel portion http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1319434

One thing to remember here is, dynamic routing protocol peering is not supported if you are using the vPC option, only static routing.

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards,
Ramraj Sivagnanam Sivajanam
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here