Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1404
Views
0
Helpful
5
Replies

Bonding or Team Interface on Firepower 1010 w/VLANs?

1timcisco
Level 1
Level 1

‎07-22-2021 04:32 PM - edited ‎07-23-2021 06:47 AM

Is there a way to team or bond the 1/7 & 1/8 port on the firepower 1010 device.  I am using the FMC to manage the device.

The configuration im trying to achieve is that I have 2 POE cisco business access points and I have 2 POE ports to power themSwitching.  The power from the ports is fine but I want them to be on the same network so I can manage the Access Points from the same UI instead of creating a seperate network for both AP's.

 

The device is in Routed Mode & the 2 POE interfaces im trying to bond have vlans also.

Labels:
0 Helpful
5 Replies 5

pieterh
VIP
VIP

‎07-23-2021 03:17 AM - edited ‎07-23-2021 03:26 AM

no need to "bond or team" ports,

the device  has "L2 switch support."-> you connect the AP's just as you would on any switch

Cable the Device (6.5 and Later)

To cable the recommended scenario on the Firepower 1010, see the following illustration, which shows a sample topology using Ethernet1/1 as the outside interface and the remaining interfaces as switch ports on the inside network

 

By default, Ethernet1/1 is a regular firewall interface that you can use for outside, and the remaining interfaces are switch ports on VLAN 1; after you add the VLAN1 interface, you can make it your inside interface. You can alternatively assign switch ports to other VLANs, or convert switch ports to firewall interfaces.

0 Helpful

1timcisco
Level 1
Level 1
In response to pieterh

‎07-23-2021 06:46 AM

I should have mentioned that the Firepower 1010 is in routed mode.  I have different networks on each interface for segmentation.  The 2 POE ports that I am trying to bond together also have VLANs on them.

0 Helpful

pieterh
VIP
VIP
In response to 1timcisco

‎07-25-2021 11:34 PM

doesn't matter the device is in routed mode, it's the port config that matters,
if those still are switchports then you can configure the same vlan on both ports.

Step 3

(Optional) Disable switch port mode for any of the switch ports (Ethernet1/2 through 1/8) by clicking the slider in the SwitchPort column so it shows as disabled

for your purpase I suggest to set this to enabled

if you keep it on disabled, you will not be able to use the same vlan/subnet on multiple ports
when you remain with the current setup using for both access points on different subnet,

you still can use the same management interface for both access points.
but then you need to "prime" one of the access points with the ip-address of the "controller" on the other AP using either static configuration, DHCP-opt43 or DNS-record

0 Helpful

1timcisco
Level 1
Level 1
In response to pieterh

‎07-27-2021 11:20 AM

pieterh, Im trying to replicate interface 1/8+sub interfaces to 1/7 where I am trying to add a new access point but the new access point wont pickup, it just keeps acting like a new access point and want me to set it up that way.

Capture.PNG

0 Helpful

pieterh
VIP
VIP
In response to 1timcisco

‎07-27-2021 11:42 PM

as already explained you cannot accomplish your goal with ET1/8 being a routed interface,

-> read the procedure in the manual again 

Step 3

(Optional) Disable switch port mode for any of the switch ports

optional means you can skip this step and let the port remain a switchport
after that you should still be able to add and configure the vlan interfaces (for both physical ports now)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card