12-30-2011 03:00 AM - edited 03-11-2019 03:08 PM
Dear Cisco Expert,
I have problem with portchannel in cisco ASA with subinterface, My asa create port channel two link with switch :
my asa configuration (PO3 == int gi0/1 & int gi0/0 ASA) :
interface Port-channel3
no nameif
no security-level
no ip address
!
interface Port-channel3.20
vlan 20
nameif XXXX
security-level 50
ip address 172.27.3.1 255.255.255.224
my switch configuration (PO3 == int gi0/19 & int gi0/20 switch) :
interface Port-channel3
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 20,30,40,50
switchport mode trunk
end
I also tried create int vlan 20 in switch,
interface Vlan20
ip address 172.27.3.2 255.255.255.224
end
but it doesn't work
the etherchannel status is still in waiting :
show etherchannel sum :
3 Po3(SD) LACP Gi0/19(w) Gi0/20(w)
Do you have any clue ?
Thank u guys, ...
Btw, if i create ASA port chanel withoout subinterface it's work.
Best Regards
Rizal Ferdiyan
12-30-2011 04:10 AM
You ASA cofniguration should look like this. You havnt posted the full config so no comment on that
interface GigabitEthernet0/0
channel-group 10 mode active
speed 1000
duplex full
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1
channel-group 10 mode active
speed 1000
duplex full
no nameif
no security-level
no ip address
!
!
interface Port-channel3
speed 1000
duplex full
no nameif
no security-level
no ip address
!
interface Port-channel3.20
vlan 20
nameif XXXX
security-level 50
ip address 172.27.3.1 255.255.255.224
Thanks
Ajay
09-17-2015 05:37 PM
thanks Ajay,
how can u leverage this multi-vlan port-channel in a security context? I have allocated the port-channel and its sub-interfaces to a context, is that enough? the downlink switch will use the asa security context for inter-vlan routing.
09-17-2015 08:25 PM
Hi,
In a multi vlan multi context setup, you just need to allocate a sub interface to correct context and map it to correct vlan.
You should have appropriate nat and acl according to your network.
Is there any specific issue that you are facing?
Thanks,
R.Seth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide