03-06-2019 08:37 PM
Hello Expert,
I am trying to interconnect two CAT 4500 in VSS to cisco Firewall FTD.
I have Configure Eterchannel on FTD Firewall. Below is the architecture that I am trying to do.
My ip adresses are on the Etherchanel ports.
I am thinking that port-channel 3 and port-channel 2 on the vss can't us the same IP adress.
so how can this work ?
Please Help me.
Regards,
Zanga
03-06-2019 11:53 PM
Lets Look at Failure Scenarios here.
FTD is Active / Standby, Means if the Active Fails, Standby kick on and process all request by Becoming Active.
In this Case all the IP address will move from Active to Standby (depends on how you configure)
in this above scenario if you looking, then you need to introduce SVI with HSRP on both the SWITCHES.
Look at some reference document :
03-07-2019 01:55 AM
03-07-2019 03:16 AM - edited 03-07-2019 03:19 AM
Hello
The FW PC's will be in the same subnet anyway so unless I am missing something here whats wrong with having one PC on the VSS (same subnet as the FW active/standby pc interfaces) with all 4 ports assigned to it?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide