Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
616
Views
0
Helpful
1
Replies

Portchannel and dual ISP

songwh911
Level 1
Level 1

‎05-22-2018 10:29 AM - edited ‎03-08-2019 03:06 PM

I have a rather basic question about portchannel and dual ISPs. I have a Active/Passive ISPs where ISP2 is only active when ISP1 fails.

 

On ASA side, I have 2 subinterfaces with different IP address and vlan (999 for ISP1 and 998 for ISP2) assigned to each subinterfaces.

 

On switch side, I have access vlan 999 towards ISP 1 modem and access vlan 998 towards ISP2 modem. For portchannel towards firewall, I have a portchannel setup as trunk and allow vlan 999 and 998. But I'm unable to ping the ISP1 from firewall. I don't even see the ISP1 ip address in firewall ARP table.

 

On a side note, I also have a native vlan set as 999 (ISP vlan) towards some other switch from inherited config, which I want to clean up later. I wonder if that has anything to do with this issue. 

 

Is it my portchannel configuration or native vlan configuration that's messing up with connection?

Labels:
Preview file
40 KB
0 Helpful
1 Reply 1

dperezoquendo
Level 1
Level 1

‎05-22-2018 12:56 PM

If you're not using the vlan 999 as the native between the switch and firewall trunk, then I don't think it is the issue.

I would recommend doing a packet-tracer on your ASA to narrow down the root cause.

0 Helpful
Customers Also Viewed These Support Documents