cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
526
Views
0
Helpful
3
Replies

Firepower 2110 redundant interfaces, BVI

I have few questions. The situation is: I have Firepower 2110 in the routed mode and I want to connect 2 data switches  from the SAME LAN. Because every port on FirePower has to be on different subnet, how to connect those switches? Bridging and Redundant interface are not supported on Firepower 2100 series. What is the replacement for BVI, Redundant interface in this situation? 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Guru

Re: Firepower 2110 redundant interfaces, BVI

Unless the switches are in the same cluster (like VSS or Stackwise) or using something like NX-OS VPCs, you cannot do what you're asking with FTD.

View solution in original post

3 REPLIES 3
Highlighted
Hall of Fame Guru

Re: Firepower 2110 redundant interfaces, BVI

Unless the switches are in the same cluster (like VSS or Stackwise) or using something like NX-OS VPCs, you cannot do what you're asking with FTD.

View solution in original post

Highlighted

Re: Firepower 2110 redundant interfaces, BVI

Thank you so much. My 2 switches are in vLAG (vendor Lenovo). So, is it a good idea to do this: on Firepower from two interfaces to create port-channel and on him to create 2 subinterfaces and connect those 2 switches??

Highlighted
Hall of Fame Guru

Re: Firepower 2110 redundant interfaces, BVI

Lenovo states their vLAG is "similar to" Cisco vPC so it might well work. However you'd be best to try it in a non-production environment (lab) first to confirm the operations are as you expect. TAC support would be best effort only.

How or whether you do subinterfaces depends on more details of your requirements than have been shared thus far. If you want to trunk multiple subnets (corresponding to VLANs) from the switches to the Firepower appliances then, yes, subinterfaces would be the logical choice. that does add another aspect to the interoperability question though so, again, labbing the setup would be advised.