11-09-2024 04:08 PM
Hi community,
We want to deploy a Firepower 3105 (version 7.3.1) to bridge two VLANs (119 & 191) on a distribution switch and allow the two networks to communicate within the same subnet, as follows.
We have run the following tests with 10.127.190.11 and 10.127.190.42 pinging each other:
1. [success]
a. 10.127.190.11 connected to FTD 1/1 directly
b. 10.127.190.42 connected to FTD 1/2 directly
c. FTD 1/1 & 1/2 run BVI
2. [fail]
a. 10.127.190.11 connected to switchport with access port to vlan 191
b. 10.127.190.42 connected to switchport with access port to vlan 119
c. FTD 1/1 connected to switchport with access port to vlan 191
d. FTD 1/2 connected to switchport with access port to vlan 119
e. FTD 1/1 & 1/2 run BVI
3. [fail]
a. 10.127.190.11 connected to switchport with access port to vlan 191
b. 10.127.190.42 connected to switchport with access port to vlan 119
c. switch and FTD connected with port channel
d. switch port channel trunk vlan 191 & 119
e. FTD 1/1 & 1/2 run port channel
f. FTD port channel has subinterfaces 191 & 119
g. FTD port-channel.119 and port-channel.191 run BVI
Port channel
Sub interface 119
Sub interface 191
BVI
11-10-2024 05:03 AM
Do you use FW HA or a standalone FW?
MHM
11-10-2024 08:43 AM
Are you using FDM or FMC, and what mode is the FTD running in? Check the limitations and see if it is feasible:
11-10-2024 11:21 PM
We are using FMC, the FTD is running in transparent mode, and the FW is in HA.
11-10-2024 11:47 PM
From the command level, can you post the information below:
show port-channel summary
show interface ip brief
show interface Port-channel1 detail
11-11-2024 01:20 AM
Hi all,
Thanks a lot for your help. Maybe I can simplify the design, since my issue is more about bridging two different VLANs with the same IP subnet.
Interface
BVI