Solved: Re: Migrating OUTSIDE from single Gi to an Etherchannel two Gi

CiscoMedMed · ‎11-10-2021

I currently have a single outside Gigabit Ethernet interface for the OUTSIDE of my ASA. For some reason my predecessor made the inside 2 member Etherchannel 2Gbps but just the 1Gbps on the outside. Now there are hundreds of NAT and access rules referencing OUTSIDE. What I'd like to do is to turn the OUSIDE interface into a 2 member Etherchannel like the inside. But I'm concerned I won't be able to do this as I imagine I'll be blocked

from deleting the current OUSIDE due to so many references to it. Or if it lets me do it I'm concerned the temporary impact while the Etherchannel OUTSIDE interface is instantiated.

Is there a means to change the outside from a single Gi interface to a 2 member Etherchannel interface that's minimally invasive? Gi 0/0 is currently the outside and Gi 0/6 is disabled/unused. Any suggestions appreciated!

Marvin Rhoads · ‎11-11-2021

While removing the nameif from Gi0/0 and creating a new Etherchannel that includes Gi0/0 and Gi0/6 will indeed remove all references to that nameif in the rest of the config, it is pretty easy to restore.

Just get a fresh backup before beginning and then sort out all of the config lines referencing the outside nameif. Do the work on the Etherchannel and then just paste in the lines you had sorted out.

I've done it several times without any issue.

View solution in original post

Marvin Rhoads · ‎11-11-2021

While removing the nameif from Gi0/0 and creating a new Etherchannel that includes Gi0/0 and Gi0/6 will indeed remove all references to that nameif in the rest of the config, it is pretty easy to restore.

Just get a fresh backup before beginning and then sort out all of the config lines referencing the outside nameif. Do the work on the Etherchannel and then just paste in the lines you had sorted out.

I've done it several times without any issue.