Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Cisco ASA 5585X Ether chanel with Nexus 7000

I want to configure 5585x Active/Standby with 2 nexus switches utilizing VPC technology. Is this possible?

New ASA 8.4  supports etherchannel so I want to plugin 2 cables from ASA1  to sw1 and sw2 and 2 cables from ASA2 to sw1 and sw2?

Is this a valid design?  how would I configure that? Anyone has design document on that?

All I am reading  that  ASAs have to be in active/active scenario.


Everyone's tags (6)

Re: Cisco ASA 5585X Ether chanel with Nexus 7000

Hi Bro

Yes, this requirement is achievable. You can configure both the Cisco ASA FW (v8.4) to run EthernetChannel with your N5K via the vPV technology. Please kindly refer to this Cisco document for the Nexus portion

From the Cisco ASA’s point of view, regardless whether two C6K running VSS or two N7K running vPC, they both appear as a single LACP partner. Hence, for the Cisco ASA, there's no difference if it's a VSS pair or a vPC pair. With respect to vPC, any device that runs LACP (which is a standard), is surely compatible with the Nexus 7000, including ASA/ACE.

Please refer to this document on the Cisco ASA EtherChannel portion

One thing to remember here is, dynamic routing protocol peering is not supported if you are using the vPC option, only static routing.

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
CreatePlease to create content