Re: Firepower Issue

Mustapha Bassim · ‎11-02-2022

Hello Dears

i have the attched digram with VPC configration only between the two swiches when i reload the master VPC nexus switch there is a downtime about 1 min while this not take place since the firepower devices are confiagred as Active/Standby mode any one can help ?

Bests

MHM Cisco World · ‎11-02-2022

the both FW as I know need to connect to both NSK SW (running vPC) via Port-channel.

Mustapha Bassim · ‎11-02-2022

ok dear so it's not apply without doing vPC on switch side ? and also on firewall side we just need to enable LACP ?

Sheraz.Salim · ‎11-02-2022

what are the Firepower model you using are they 4100 or 9300 seires?

looking into your presentation diagram you only showing 1 link going towards the firewall. where as ideally you should have a port-channel from firewall to Nexus 9K. (and so should Nexus presentation have a VPC configured as you mentioned earlier).

so in summary. You configured VPC on two switches which is good. at the same time the firewall need to be configured in as port channel as LACP. (LACP need to be configured from Nexus to Firewall and from Firewall to Nexus). once this configured if you failover the firewall or either Master VPC/Slave VPC goes does it should not have impact on firewall due to STP fakeing it to be showing as 1 giant link.

please do not forget to rate.

Mustapha Bassim · ‎11-02-2022

Hello Dear and thnx for reply , i have 2130 model i do not now if it's working with vPC or not ?

Mustapha Bassim · ‎11-02-2022

29 Po29 down* failed vpc port channel -
mis-config due to vpc
links in the 2
switches connected to
different partners

when i configre the vPC we got this error

Mustapha Bassim · ‎11-04-2022

up