Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA , 3750 Switch stack ,Etherchanel cross-stack and HA

Hi Guys,

I have run into a scenario where there they use a switch stack of four 3750’s and two ASA 5540 in Active-stanby HA Pair.

ASA's are connected with 4 interfaces across stack (1 interface to each switch).

1 Etherchannels (4 ports) is configured between ASA and switch. All vlans are terminated on ASA as a subiterfaces.

somehting like:

Port-channell1

no ip address

Port-channell1.10

vlan 10

ip address 192.168.10.1 255.255.255.0 stanby 192.168.10.2

Port-channell1.20

vlan 10

ip address 192.168.20.1 255.255.255.0 stanby 192.168.20.2

..and so on..

There is about different 60-70 vlans currently terminated on ASA.

We found a problem with failover testing:

When we test the failover and fail manually with “failover active” command,

It looks like only 29 vlans can fail to backup ASA instantly , the rest can take up to 5 min.

Is there a limitation for ASA or 3750 etherchannel  in this scenario why it would not failover instantly for all vlans ?

Thanks

Martin

1 REPLY
Community Member

ASA , 3750 Switch stack ,Etherchanel cross-stack and HA

sory mistake there :

Port-channell1.20

vlan 20

ip address 192.168.20.1 255.255.255.0 stanby 192.168.20.2

Martin

233
Views
0
Helpful
1
Replies
CreatePlease to create content