Flax link is a layer-2

dyop.geop · ‎01-07-2015

Hi,

I think this is just a simple configuration to you fellow engineers. :)

Setup is

SW >> Proxy Server >> ASA

2 physical links, from SW to Proxy Sever, as well as 2 physical links from Proxy Server to ASA.

Before implementing the Proxy Server, the network works fine by just using portchannel from switch to ASA.

But with the proxy server now in the middle, and this proxy server doesn't support link redundancy/etherchannel!, how can we achieve link redundancy?

I'm looking at flex links, but the switch and the ASA have point to point ip addresseses.

(SW using interface vlan, while the FW has portchannel with an ip address)

PLEASE SEE attached image for details.

Reza Sharifi · ‎01-07-2015

Flax link is a layer-2 technology and as you already know the ASA does not support It.

If the Blue Coat does not support LACP, than just use one link to connect it to both ASA and the switch.

HTH

dyop.geop · ‎01-07-2015

Hi Sir Reza Sharifi for the reply.

Our client doesn't want to have just one link, they purchased additional NIC card for the proxy server just to have link redundancy (yep, poor planning and anticipation),

will there be any other workaround?

dyop.geop · ‎01-07-2015

could this work?

example only.

interface redundant 1
nameif outside
security-level 0
ip address 10.86.194.225 255.255.255.0
member-interface GigabitEthernet0/0
member-interface GigabitEthernet0/2

Link Redundancy from Switch (3750) to Proxy Server(Blue Coat) to Firewall (ASA)