03-25-2020 02:43 AM
Hello everyone! :)
I have 2 PaloAlto Active/Standby, connected to 2 X Cat9500Stack, in campus distribution layer . I would like to configure 2 Etherchannels. One to Active,one to Standby Firewalls. So if the Active FW fails, primary Etherchannel will switch to secondary one, in order to continue forward with Standby FW, that became active at this moment.
What and how to this config, on Cat9500?
Please advice what and how to configure both sides. Mean Cat9500 and PaloAlto.
Thank you in advance! Other Network Architecture Subjects, Other Networkin
03-25-2020 03:29 AM
Hi,
In the end is just a regular LACP, doesn't matter if there is a stack of switches or just one switch, or if there is an HA pair of firewalls, or just one firewall. Here's the Cisco side, and here's the Palo Alto side.
Regards,
Cristian Matei.
03-25-2020 03:48 AM
Thank you for quick reply, i will check and come back in case of doubts.
03-25-2020 03:32 AM
Hello @Anna ,
i am pointing you to the configuration guide for etherchannels (Cat9500):
Please consider, as connection scheme to enhance redundancy, to split port-channel interface members and connect to both modules of the stack (active and standby).
Best regards.
03-25-2020 04:10 AM
Thank you, going though docs now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide