Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
0
Helpful
5
Replies

CISCO fail to LACP

azzamrifki
Level 1
Level 1

‎11-19-2019 08:48 PM - edited ‎11-19-2019 08:49 PM

I have problem like this

Two cisco catalyst 2960-x 24 L is stacked, port gi1/0/23,gi1/0/24,gi2/0/23, and gi2/0/24 is bundle together in Port-channel 5 and using LACP mode active. Those 4 port is connected to two juniper firewall with configuration like in the picture on file Capture.PNG,

note: the picture i use bellow is only to describe the topology ,the real firewall is juniper

the problem is everytime i disconnect one of the 4 LACP port the connection is fails i cannot ping my detination address,

i check my CISCO ios and it is already the latest one so right now im kinda stuck

Labels:
Preview file
16 KB
0 Helpful
5 Replies 5

Francesco Molino
VIP Alumni
VIP Alumni

‎11-19-2019 09:30 PM

Hi

4 ports bundled into 1 PO are physically connected to 2 different devices. I'm not very familiar with Juniper but I believe you should have a PO of 2 ports going to 1 firewall and another PO if 2 ports going to the other firewall.

When all ports are connected, what do you see on the output show etherchannel?
Can you run a quick lacp debug, disconnect 1 cable and share the output of this debug?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

azzamrifki
Level 1
Level 1
In response to Francesco Molino

‎11-19-2019 09:38 PM

When all ports are connected, what do you see on the output show etherchannel?

 

Switch#show etherchannel
Channel-group listing:
----------------------

Group: 5
----------
Group state = L2
Ports: 4 Maxports = 16
Port-channels: 1 Max Port-channels = 16
Protocol: LACP
Minimum Links: 0

 

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to azzamrifki

‎11-24-2019 09:14 AM

Can you do a sh etherch summ? and what is the mac address you're learning on all links?
did you do a debug while disconnecting a port from the PO?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

azzamrifki
Level 1
Level 1
In response to Francesco Molino

‎11-19-2019 09:42 PM

4 ports bundled into 1 PO are physically connected to 2 different devices. I'm not very familiar with Juniper but I believe you should have a PO of 2 ports going to 1 firewall and another PO if 2 ports going to the other firewall.

 

i'm sorry but the juniper firewall is also stack, is it still consider as two different devices?????

0 Helpful

julian.bendix
Level 3
Level 3

‎11-24-2019 10:46 AM

Hi!
You will most likely need to configure two different port-channels on the Cisco Switch.
One with two physical ports going to Firewall 1,

and one with the other two physical ports going to Firewall 2.

To confirm, can you please post the output of the following commands:
#show etherchannel 5 summary
#show etherchannel 5 detail

 

Best regards!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card