Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

FWSM/ASA in Transparent passing Lacp ? [ for LB purposes ]

Hi !

i would like to see if this is currently possible :

i have two firewalls, fwsms and/or asa .

i would like to have the following configuration :

fwsm/asa/other are in transparent mode [assuming that in that way they can pass Lacp]

if they can pass lacp transparently , it means i can use the native Portchannel load balance with it to trafficshare between them, or do i need something more ?

if this is possible i would be able to add firewalls "on the go" not ?

ScreenHunter_18 Oct. 18 15.56.jpg

Everyone's tags (3)
1 REPLY
New Member

FWSM/ASA in Transparent passing Lacp ? [ for LB purposes ]

I think you're asking for trouble with this scenario. 

Here's something to consider.  Lacp should send one specific flow over a given interface, so you'd think you would be ok.  However, since the return flow gets balanced by a differnet switch, it won't necessarily end up on the same trunk.  At that point, the other firewall wouldn't know about the flow, and would drop the traffic.

Now that asa supports terminating lacp, you're much better off spending a bit more and getting a bigger firewall in the first place.

hth,

Rick

446
Views
0
Helpful
1
Replies