I have a few questions. The situation is: I have a Firepower 2110 in routed mode and I want to connect 2 data switches from the SAME LAN. Because every port on the Firepower has to be on a different subnet, how do I connect those switches? Bridging and Redundant interfaces are not supported on the Firepower 2100 series. What is the replacement for BVI and Redundant interfaces in this situation?
Thank you so much. My 2 switches are in vLAG (vendor Lenovo). So, is it a good idea to do this: create a port-channel on the Firepower from two interfaces, create 2 subinterfaces on it, and connect those 2 switches?
Lenovo states their vLAG is "similar to" Cisco vPC so it might well work. However you'd be best to try it in a non-production environment (lab) first to confirm the operations are as you expect. TAC support would be best effort only.
How or whether you do subinterfaces depends on more details of your requirements than have been shared thus far. If you want to trunk multiple subnets (corresponding to VLANs) from the switches to the Firepower appliances then, yes, subinterfaces would be the logical choice. That does add another aspect to the interoperability question, though, so, again, labbing the setup would be advised.