cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


298
Views
5
Helpful
4
Replies
Frequent Contributor

LACP between ASA and ASA

Hi guys,

 

I want to migrate current STATE and FAILOVER physical connections from using switches in between to direct cables.

I read some design concerns and ack that tshoot event troublesome.

 

Now I have a dedicated Port-Channel for failover and another one for Stateful failover.

Can I still use these two port-channels with direct cables? Will LACP go up between ASA primary and ASA secondary?

Here's LACP status for Failover link (using switches):

 

show lacp 7 internal

Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode

Channel group 7
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
-----------------------------------------------------------------------------
Gi0/4 SA bndl 32768 0xd 0xd 0x5 0x3d
Gi0/5 SA bndl 32768 0xd 0xd 0x6 0x3d

Everyone's tags (4)
4 REPLIES 4
Rising star

Re: LACP between ASA and ASA

Yes, you can do it.

Check this link:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ha_overview.html#wp1077551

 

Check the figures 32-4 or 32-6.

The scenario suggest a direct cable between ASA.

 

Regards.

Frequent Contributor

Re: LACP between ASA and ASA

I have read it, but since my config currently points to a PortChannel interface, hence my question: will LACP run and up_the_port between the two ASAs?
Rising star

Re: LACP between ASA and ASA

Yes, it should work.

 

Regards.

Highlighted
Frequent Contributor

Re: LACP between ASA and ASA

Thanks Daniele! I will test this "live" two days from now.