cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5931
Views
5
Helpful
3
Replies

Cisco ASA 8.4 Multiple Context and etherchannel

dietercox
Beginner
Beginner

Hello,

ASA 8.4 supports etherchannel configuration. I'm wondering you can use the etherchannel as a shared interface in multiple context mode. As I do not have access to an ASA to test this out, maybe someone can help me out and post a configuration where multiple contexts share one etherchannel outwards the ASA. Is this possible all together and if yes, do you need to configure the etherchannel in the system context ? A sample config would be interesting to see ...

Thanks!

1 Accepted Solution

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

Yes, you can use etherchannel interface in multiple context shared interface.

here is a sample configuration for your reference:

System Context:

interface GigabitEthernet0/0

    channel-group 1 mode active

interface GigabitEthernet0/1

    channel-group 1 mode active

interface Port-channel1

    lacp max-bundle 4

    port-channel min-bundle 2

    port-channel load-balance dst-ip

admin-context admin

   context admin

   allocate-interface Port-channel1 admin-outside

   config-url disk0:/admin.cfg

context context1

   allocate-interface Port-channel1 context1-outside

   config-url disk0:/context1.cfg

Admin context:

   interface admin-outside

     lacp max-bundle 4

     port-channel min-bundle 2

     port-channel load-balance dst-ip

     nameif outside

     ip address 1.1.1.1 255.255.255.0

     security-level 0

Context1 context:

   interface context1-outside

     lacp max-bundle 4

     port-channel min-bundle 2

     port-channel load-balance dst-ip

     nameif outside

     ip address 1.1.1.2 255.255.255.0

     security-level 0

Hope that helps.

View solution in original post

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

Yes, you can use etherchannel interface in multiple context shared interface.

here is a sample configuration for your reference:

System Context:

interface GigabitEthernet0/0

    channel-group 1 mode active

interface GigabitEthernet0/1

    channel-group 1 mode active

interface Port-channel1

    lacp max-bundle 4

    port-channel min-bundle 2

    port-channel load-balance dst-ip

admin-context admin

   context admin

   allocate-interface Port-channel1 admin-outside

   config-url disk0:/admin.cfg

context context1

   allocate-interface Port-channel1 context1-outside

   config-url disk0:/context1.cfg

Admin context:

   interface admin-outside

     lacp max-bundle 4

     port-channel min-bundle 2

     port-channel load-balance dst-ip

     nameif outside

     ip address 1.1.1.1 255.255.255.0

     security-level 0

Context1 context:

   interface context1-outside

     lacp max-bundle 4

     port-channel min-bundle 2

     port-channel load-balance dst-ip

     nameif outside

     ip address 1.1.1.2 255.255.255.0

     security-level 0

Hope that helps.

Thanks a lot! Is it also possible to tag the etherchannel with vlan's ?

So using vlan 10 for context 1 and vlan 20 for context 2 ?

Yes, subinterfaces/vlan(s) for etherchannel is also possible.

Here is the configuration guide for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1082576

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers