Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
642
Views
0
Helpful
1
Replies

ASA5516X and 3650 Switch Stack EtherChannel

Go to solution
mark.stewart1
Level 1
Level 1

‎06-27-2019 12:05 AM

Hi,

Our IT guy has designed a network layout that I am not sure about after reading the cisco guides.

We have a single ASA5516X connected to a switch stack of 2 3650's.

He has the ASA connected to the switch stack via dual port etherchannel, but I have read the below form the guides:-

 

The ASA does not support connecting an EtherChannel to a switch stack. If the ASA EtherChannel is connected cross stack, and if the Master switch is powered down, then the EtherChannel connected to the remaining switch will not come up.

 

IF this is the case, what is the best way to connect the ASA to the switches so that if one goes down the other stays running?

 

Just a warning, I am not very good on cisco's, only ever used fortinets before, so if the terminology is wrong, I apologise.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
GRANT3779
Spotlight
Spotlight

‎06-27-2019 12:47 AM

Hi Mark,

 

Looking at the following doc below you are correct. I guess if this is something you had to do then there are some suggestions below from Cisco in that document if you still want to use Etherchannel. You could maybe look at redundant interfaces, also referenced in the doc.

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/general/asa-97-general-config/interface-echannel.pdf

 

It states -

In Cisco IOS software versions earlier than 15.1(1)S2, the ASA did not support connecting an
EtherChannel to a switch stack. With default switch settings, if the ASA EtherChannel is connected cross
stack, and if the master switch is powered down, then the EtherChannel connected to the remaining
switch will not come up. To improve compatibility, set the stack-mac persistent timer command to a
large enough value to account for reload time; for example, 8 minutes or 0 for indefinite. Or, you can
upgrade to more a more stable switch software version, such as 15.1(1)S2.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
GRANT3779
Spotlight
Spotlight

‎06-27-2019 12:47 AM

Hi Mark,

 

Looking at the following doc below you are correct. I guess if this is something you had to do then there are some suggestions below from Cisco in that document if you still want to use Etherchannel. You could maybe look at redundant interfaces, also referenced in the doc.

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/general/asa-97-general-config/interface-echannel.pdf

 

It states -

In Cisco IOS software versions earlier than 15.1(1)S2, the ASA did not support connecting an
EtherChannel to a switch stack. With default switch settings, if the ASA EtherChannel is connected cross
stack, and if the master switch is powered down, then the EtherChannel connected to the remaining
switch will not come up. To improve compatibility, set the stack-mac persistent timer command to a
large enough value to account for reload time; for example, 8 minutes or 0 for indefinite. Or, you can
upgrade to more a more stable switch software version, such as 15.1(1)S2.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card