Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
810
Views
0
Helpful
6
Replies

Adding switchports to an Ether Channel on FTD

Go to solution
Chess Norris
Level 4
Level 4

‎08-31-2022 07:47 AM - edited ‎08-31-2022 08:03 AM

Hi,

I have a FTD 1010 that I manage through FMC and I want to create an Ether Channel interface, but I am struggling to add Switchports to the Ether Channel.

The only Interfaces available when I create an Ether Channel, is routed interfaces. Is it only routed interfaces that I can use for this?

I have the following configuration on my Catalyst 3560 switch that I want to re-create on my FTD 1010. Is it possible?

!
interface Port-channel1
switchport trunk allowed vlan 2,10,13
switchport mode trunk
!

interface GigabitEthernet0/7
switchport trunk allowed vlan 2,10,13
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet0/8
switchport trunk allowed vlan 2,10,13
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!

Thanks

/Chess

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Chess Norris
Level 4
Level 4

‎08-31-2022 11:26 PM

I found the answer here - https://www.cisco.com/c/en/us/td/docs/security/firepower/70/configuration/guide/fpmc-config-guide-v70/regular_firewall_interfaces_for_firepower_threat_defense.html#id_106621 

Capture.JPG

I guess the switchports is a bit limited on the FTD 1010 comparing to a regular switch, but maybe they will add more switch features in an upcoming release.

/Chess 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-31-2022 09:10 AM - edited ‎08-31-2022 09:11 AM 

The only Interfaces available when I create an Ether Channel, is routed interfaces. Is it only routed interfaces that I can use for this?

is this on Switch side or FTD side ?

 

Catalyst 3560 switch that I want to re-create on my FTD 1010. Is it possible?

 

,yes this is possible, if this in production you will downtime,  also any associated config will be changed accordingly.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Chess Norris
Level 4
Level 4
In response to balaji.bandi

‎08-31-2022 09:26 AM

My goal is to only use the FTD device and not the switch at all. The problem is that I cannot select switchports when creating a portchannel interface on the FTD, which I can on the switch.  Do I need to use subinterfaces instead?  

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Chess Norris

‎08-31-2022 09:49 AM 

My goal is to only use the FTD device

you mean FTD act as switch and Firewall ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Chess Norris
Level 4
Level 4
In response to balaji.bandi

‎08-31-2022 10:19 AM

Yes, that's correct. I'm trying to streamline my lab setup at home and only use the FTD and an access point. Everything else is working now on the FTD with switchports and VLAN and I use PoE+ on port 8 on the FTD for the AP.  It's only the EtherChannel part that's left and if I can get that to work, I can skip the switch.

/Chess

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Chess Norris

‎09-01-2022 09:53 AM

Thats right unlike old ASA  5505 can use ports as switch.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Chess Norris
Level 4
Level 4

‎08-31-2022 11:26 PM

I found the answer here - https://www.cisco.com/c/en/us/td/docs/security/firepower/70/configuration/guide/fpmc-config-guide-v70/regular_firewall_interfaces_for_firepower_threat_defense.html#id_106621 

Capture.JPG

I guess the switchports is a bit limited on the FTD 1010 comparing to a regular switch, but maybe they will add more switch features in an upcoming release.

/Chess 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card