Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
605
Views
0
Helpful
2
Replies

ASA Redundant interfaces to switchstack

Go to solution
fsebera
Level 4
Level 4

‎12-08-2016 06:49 AM - edited ‎03-12-2019 01:38 AM

I have a single ASA setup with G1/1 and G1/2 in a redundant interface configuration.

       ASA

Interface REDUNDANT 1

g1/1          g1/2

   |             |

   |             |

g1/0/1       g2/0/1

 3750  switchstack

Is there any requirement or need to enable a port-channel on the switch side?

Thanks

Frank

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cofee
Level 5
Level 5

‎12-08-2016 07:33 AM

To my understanding there is no requirement to configure a port channel on the switch side. Firewall interfaces need to be in the same vlan so the stand by interface can take over if the primary fails.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
cofee
Level 5
Level 5

‎12-08-2016 07:33 AM

To my understanding there is no requirement to configure a port channel on the switch side. Firewall interfaces need to be in the same vlan so the stand by interface can take over if the primary fails.

0 Helpful

Go to solution
fsebera
Level 4
Level 4
In response to cofee

‎12-08-2016 11:20 AM

Hi Cofee,

You are correct, THANK YOU!!

" By default, each physical ASA interface operates independently of any other interface. The interface can be in one of two operating states: up or down. When an interface is down for some reason, the ASA cannot send or receive any data through it. For example, the switch port where an ASA interface connects might fail, causing the ASA interface to go down, too.
To keep an ASA interface up and active all the time, you can configure physical interfaces as redundant pairs. As a redundant pair, two interfaces are set aside for the same ASA function (inside, outside, and so on), and connect to the same network. Only one of the interfaces is active at any given time; the other interface stays in a standby state. As soon as the active interface loses its link status and goes down, the standby interface becomes active and takes over passing traffic. "

SOURCE:
CCNP Security Firewall Cert Guide: Configuring ASA Interfaces
By Anthony Sequeira, Dave Garneau, David Hucaby.
Sample Chapter is provided courtesy of Cisco Press.
Date: Oct 24, 2012.

Thank you
Frank

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card