I'm trying to figure out if it is possible to configure an ASA cluster (with spanned etherchannel) when the firewalls connect to third party switches configured as a single virtual switch (similar to VSS but not VSS). Since the spanned portchannel "speaks" LACP on the ASA side, is it enough that the virtual switch supports LACP on his side to form such a portchannel?
If, conversely, we connect the ASAs to Cisco switches in VSS, the option "vss-id 1" or "vss-id 2" on the etherchannel configuration is only required when each node (each ASA firewall in the cluster) binds two interfaces to the VSS, one to one switch e the other to the second switch, in the same portchannel?
On this page, it is said that compatible switches are the following: Cisco Nexus 9500|9300|7000|5000, Catalyst 6800|6500|3750-X. Are the Cisco Catalyst 4500-X unsupported? Catalyst 4500-X support VSS, while, as far as I know, 3750-X don't.
Thank you in advance,
Not sure with Vss 4500x. But tried with 3850 stack and it works. Supposed issue with spanned etherchannel lacp will not mount upon failure of one switch and break cluster did not happen.
tested it and 3850 is not in cisco list. Will teat with a cisco 2960x stack which is agggregating links. Let us know for the 4500x would like to know the results.
I have tested with a cisco switch 2960x and it works fine.
Is there an official doc or source from cisco that Cisco 4500x is supported for asa cluster?
I found 4500 in the document below: