Cisco Support Community
Community Member

Can I connect two Nexus 6000 switches to one ASA port channel using vPC on the two Nexus switches?

I have created a port channel on my ASA and I wanted to use a vPC between the two Nexus 6k switches but I have read conflicting information about using a vPC to route traffic out in this manner. Is this supported? 

Everyone's tags (1)
Community Member

I believe the only time where

I believe the only time where it is not supported is when you are using a dynamic routing protocol like EIGRP or OSPF. I have a number of ASA working just fine with vPC's but we run static routes to them...

Community Member

We are  using static routes

We are  using static routes on our 6k switches. So to be clear if I, for example, setup the hsrp vip on vlan 1 with an IP of and then trunk vlan 1 across the vPC and put on the firewall vlan 1 interface I can create a static route for traffic destined for another network subnet from the 6ks to and it will route through the firewall as long as no routing protocol is running on the Nexus switches and I add the new vlan to the vPC Peer-link? I'm new to Nexus and vPC so I just want to make sure I'm not missing something.

Community Member

Yep I believe this should

Yep I believe this should work. This sounds like exactly what we are doing in our environment.

Community Member

One side note though... I did

One side note though... I did learn the hard way that if you have a add on module in your ASA (like a 4GE SSM)) it does not support port channels. There was a version of code that had a bug that would let you configure the port channel, but it does not work correctly. I think it is a hardware limitation due to the way the module is seen at a hardware level as a single port.

CreatePlease to create content