Link Aggregation methods other than LACP for Nexus 7706
The customer has Palo Alto Firewalls that have to connect to a Nexus 7K (7706). The Palo Alto devices do not support LACP, therefore I wanted to know if either PaGP or any other Link Aggregation specification will work between the N7Ks and the Palo Alto devices other than LACP (possibly 802.3ad)?
If the Palo Alto Firewalls do not support LACP (802.3ad) then try using static channeling between the firewalls and the 7K. To do this ensure that the channel mode is set to mode (ON) on the 7K.
#channel-group (#) mode on
Both the ACTIVE and PASSIVE channel modes will use LACP for negotiation.
The Nexus 7K does not support PAgP, this is a Cisco proprietary link aggregation protocol would not be supported on those firewalls.
In case anyone comes across this thread the way I have, Palo Alto finally added LACP support in PAN-OS 6.1, see the link below for details:
Yes, we have recently invested in PAN5060s which run 6.1(3) but I've been unsuccessful getting LACP to run either in active or passive mode. Supposedly the PANs require Cisco to be Passive (what I've read out there from someone). I'm running a Nexus5672 with 7.0(5)N1.....
Anyone out there have any luck?
Hi Michael / All
Just wondering if anyone has had some success here? I recently tried with 5050s running 6.1.10 to Nexus 5672s PA passive and active with no success. We have recently moved to 7.0.11 so may circle back.
Zakria, i would be able to help you as i have deployed somewhat same type of design couple of times. Can you update which model and version of PA you have ?
i do know that PA do support LACP and it works just fine.