Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
767
Views
4
Helpful
5
Replies

Port-channel not coming up on ASA cluster

Go to solution
harishbau084
Level 1
Level 1

ā€Ž06-21-2023 09:25 AM

Hi,

I am trying to bring up a cluster interface for which I have used a Layer 2 switch and Cisco ASA. I have  identical ports connected at both the ASAs which terminate in the switch. I am using LACP mode active at both switch and ASA but the port-channel is not coming up. I am attaching interface configs of ASA and switch in anticipation that some expert might be able to help me.

SW
++++++++++++
!
interface GigabitEthernet0/2
description "ASA3-E1-(prt.chnl)"
switchport trunk allowed vlan 13-15
switchport trunk encapsulation dot1q
switchport mode trunk
negotiation auto
no cdp enable
channel-group 1 mode active
end
!
interface GigabitEthernet0/3
description "ASA3-E2(prt.chnl)"
switchport trunk allowed vlan 13-15
switchport trunk encapsulation dot1q
switchport mode trunk
negotiation auto
no cdp enable
channel-group 1 mode active
end
!
interface Port-channel1
switchport trunk allowed vlan 13-15
switchport trunk encapsulation dot1q
switchport mode trunk
end
!
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SN) LACP Gi0/2(w) Gi0/3(w)
!

ASA
++++++++++++++
!
interface Ethernet1
channel-group 1 mode active
no nameif
no security-level
no ip address
ciscoasa# sh run int e2
!
interface Ethernet2
channel-group 1 mode active
no nameif
no security-level
no ip address
ciscoasa# sh run int po 1
!
interface Port-channel1
port-channel span-cluster
no nameif
no security-level
no ip address
!
Group Port-channel Protocol Span-cluster Ports
------+-------------+---------+------------+------------------------------------
1 Po1(N) LACP Yes Et1(w) Et2(w)

Regards

 

 

 

1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to harishbau084

ā€Ž06-21-2023 10:01 AM

Config cluster then config  PO for both IN and OUT

View solution in original post

5 Replies 5

Go to solution
MHM Cisco World
VIP
VIP

ā€Ž06-21-2023 09:53 AM

Did you config cluster first then config PO?

0 Helpful

Go to solution
harishbau084
Level 1
Level 1
In response to MHM Cisco World

ā€Ž06-21-2023 09:58 AM

Configured Port-channel first , As it is not coming up didn't proceed with cluster


0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to harishbau084

ā€Ž06-21-2023 10:00 AM

@harishbau084 if you are creating a spanned etherchannel for the cluster, you define one interface from each ASA in the cluster in the port-channel, as per the example.

Go to solution
MHM Cisco World
VIP
VIP
In response to harishbau084

ā€Ž06-21-2023 10:01 AM

Config cluster then config  PO for both IN and OUT

Go to solution
harishbau084
Level 1
Level 1

ā€Ž06-22-2023 01:39 AM

After configuring cluster then port-channel, issue got resolved.

Thanks everyone.

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card