12-08-2016 06:49 AM - edited 03-12-2019 01:38 AM
I have a single ASA setup with G1/1 and G1/2 in a redundant interface configuration.
ASA
Interface REDUNDANT 1
g1/1 g1/2
| |
| |
g1/0/1 g2/0/1
3750 switchstack
Is there any requirement or need to enable a port-channel on the switch side?
Thanks
Frank
Solved! Go to Solution.
12-08-2016 07:33 AM
To my understanding there is no requirement to configure a port channel on the switch side. Firewall interfaces need to be in the same vlan so the stand by interface can take over if the primary fails.
12-08-2016 07:33 AM
To my understanding there is no requirement to configure a port channel on the switch side. Firewall interfaces need to be in the same vlan so the stand by interface can take over if the primary fails.
12-08-2016 11:20 AM
Hi Cofee,
You are correct, THANK YOU!!
" By default, each physical ASA interface operates independently of any other interface. The interface can be in one of two operating states: up or down. When an interface is down for some reason, the ASA cannot send or receive any data through it. For example, the switch port where an ASA interface connects might fail, causing the ASA interface to go down, too.
To keep an ASA interface up and active all the time, you can configure physical interfaces as redundant pairs. As a redundant pair, two interfaces are set aside for the same ASA function (inside, outside, and so on), and connect to the same network. Only one of the interfaces is active at any given time; the other interface stays in a standby state. As soon as the active interface loses its link status and goes down, the standby interface becomes active and takes over passing traffic. "
SOURCE:
CCNP Security Firewall Cert Guide: Configuring ASA Interfaces
By Anthony Sequeira, Dave Garneau, David Hucaby.
Sample Chapter is provided courtesy of Cisco Press.
Date: Oct 24, 2012.
Thank you
Frank
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide