I was given someone else's configuration so i'm trying to figure out how to make it work. They tried to apply an address to the port-channel but the switch won't accept the command.

I thought that i could create a port channel sub-interface but the 2960 won't accept the sub-interface config. 

I created a loopback with the address 192.168.253.3 but am not able to ping across to the fw at 192.168.253.2. 

I don't have console access to the firewall just the config. 

The switch interfaces are up/up and the tech onsite verified that the swtich and the firewall are connected to each other. 

I'm open to ideas on how to make it work...if possible... :-)

2960 config (uncorrected) 

config t

interface GigabitEthernet1/0/23

description Connection to asa firewall port ge-1/2

no shutdown

interface GigabitEthernet2/0/23

description Connection to asa firewall port ge-1/3

no shutdown

exit

interface port-channel 1

description Connection to asa firewall

ip address 192.168.253.3 255.255.255.253

switchport mode access

interface GigabitEthernet1/0/23

channel-group 1 mode active

interface GigabitEthernet2/0/23

channel-group 1 mode active

exit

do wr

ASA config

interface GigabitEthernet1/2

description Connection to switch 1A port ge-1/0/23

no shutdown

interface GigabitEthernet1/3

description Connection to switch 1B port ge-2/0/23

no shutdown

exit

interface redundant 1

description Connection to switch 1

ip address 192.168.253.2 255.255.255.254

member-interface GigabitEthernet1/2

member-interface GigabitEthernet1/3

nameif internal

security-level 100

no shutdown

exit

route internal 192.168.0.0 255.255.0.0 192.168.253.3