I am trying to interconnect two CAT 4500 in VSS to cisco Firewall FTD.
I have Configure Eterchannel on FTD Firewall. Below is the architecture that I am trying to do.
My ip adresses are on the Etherchanel ports.
I am thinking that port-channel 3 and port-channel 2 on the vss can't us the same IP adress.
so how can this work ?
Please Help me.
Lets Look at Failure Scenarios here.
FTD is Active / Standby, Means if the Active Fails, Standby kick on and process all request by Becoming Active.
In this Case all the IP address will move from Active to Standby (depends on how you configure)
in this above scenario if you looking, then you need to introduce SVI with HSRP on both the SWITCHES.
Look at some reference document :
The FW PC's will be in the same subnet anyway so unless I am missing something here whats wrong with having one PC on the VSS (same subnet as the FW active/standby pc interfaces) with all 4 ports assigned to it?