cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

332
Views
0
Helpful
9
Replies
Highlighted
Beginner

Ether-Channel

Is it possible to configure Ether-Channel on an ASA Firewall, and if so how? Also, is it worth it? Looking for Redundancy 

 

For example, having 2-3 Ethernet lines feeding a switch from the ASA. Thoughts on this?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Guru

Re: Ether-Channel

I do not understand parts of your follow up question. The part that is clear is what other ways. So another way would be to configure multiple interfaces (on an ASA) connecting to multiple interfaces (on switch(es) as EtherChannel and configure it as a trunk carrying multiple vlans (so you could have a vlan for Inside and a vlan for DMZ both carried over the EtherChannel). Another possibility is to configure interfaces on 2 ASA (configured as a failover pair) as Etherchannels connecting to interfaces on switch(es) 

HTH

Rick

View solution in original post

9 REPLIES 9
Highlighted
VIP Mentor

Re: Ether-Channel

Hello,

 

Etherchannel on the ASA is certainly possible. Check the link below for details:

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa94/config-guides/cli/general/asa-94-general-config/interface-echannel.html

Highlighted
VIP Mentor

Re: Ether-Channel

For link resiliancy always suggested to use link bundle,(for high throughput and link resilinacy)  where possible to get advantage of it.

 

BB
*** Rate All Helpful Responses ***
Highlighted
Hall of Fame Guru

Re: Ether-Channel

I configured ASA Ether Channel for a customer. They were pleased with how it worked and thought it was well worth doing. It provided quite effective redundancy.

HTH

Rick
Highlighted
Beginner

Re: Ether-Channel

That pretty awesome, lets say you have ip address dhcp setroute on the
outside interface then you can configure 3 other inside interfaces with the
same VLAN then 3 ports on the switch to be within the same VLAN then
configure them for Etherchannel and should work pretty well?
Highlighted
Hall of Fame Guru

Re: Ether-Channel

That should be one way to do it.

HTH

Rick
Highlighted
Beginner

Re: Ether-Channel

Whats another way? Compared to this way and another way, I know one is
without wlans and another with but is the other way better and more
reasonable?
Highlighted
Hall of Fame Guru

Re: Ether-Channel

I do not understand parts of your follow up question. The part that is clear is what other ways. So another way would be to configure multiple interfaces (on an ASA) connecting to multiple interfaces (on switch(es) as EtherChannel and configure it as a trunk carrying multiple vlans (so you could have a vlan for Inside and a vlan for DMZ both carried over the EtherChannel). Another possibility is to configure interfaces on 2 ASA (configured as a failover pair) as Etherchannels connecting to interfaces on switch(es) 

HTH

Rick

View solution in original post

Highlighted
Beginner

Re: Ether-Channel

Thats a good idea, thank you for telling me that. It's greatly appreciated
:) your way seems less complicated haha.
Highlighted
Hall of Fame Guru

Re: Ether-Channel

You are welcome. I am glad that my suggestions have been helpful.

HTH

Rick