Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
25764
Views
0
Helpful
3
Replies

Need ASA 9.x Etherchannel example w/ layer 2 switch config

corpengineer818
Level 1
Level 1

‎03-14-2014 02:47 PM - edited ‎03-07-2019 06:43 PM

Hello there:

Could anyone please point me to example configurations of Etherchannel on an ASA 9.x, connecting to a layer 2 switch?  I need to see how the switch is configured as well.

Thank you.

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-14-2014 03:38 PM

It's pretty simple - follow these guides:

ASA Configuration

Switch configuration

The second link is for a 4500 series switch but the concept is the same for most Layer 2 Catalyst switches running IOS or IOS-XE.

0 Helpful

Mizanul Islam
Level 1
Level 1

‎03-14-2014 08:16 PM

Hi,

I have configured Port channel with Cisco 2960S switch. Here is the below configuration example. If the answer is correct please Comments.

 

 

fw-01# sho port-channel summary

Flags: D - down P - bundled in port-channel

I - stand-alone s - suspended

H - Hot-standby (LACP only)

U - in use N - not in use, no aggregation/nameif

M - not in use, no aggregation due to minimum links not met

w - waiting to be aggregated

Number of channel-groups in use: 1

Group Port-channel Protocol Span-cluster Ports

------+-------------+---------+------------+------------------------------------

11 Po11(U) LACP No Gi0/1(P) Gi0/0(P)

 

 

!

interface GigabitEthernet0/0

description *** Connected to CORE-SW-01 ***

channel-group 11 mode passive

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/1

description *** Connected to CORE-SW-01 ***

channel-group 11 mode passive

no nameif

no security-level

no ip address

!

interface Port-channel11

description *** Connected to CORE-SW ***

nameif outside

security-level 100

ip address 10.98.8.90 255.255.255.248 standby 10.98.8.91

!

 

================Switch====================

interface Port-channel12

description *** Port-Channel Used for DC-INSIDE-FW-1-IPS***

switchport access vlan 912

!

interface GigabitEthernet1/0/21

description **** inside Firewall 01 ***

switchport access vlan 912

channel-protocol lacp

channel-group 12 mode active

!

Please let me know your topology.

 

0 Helpful

corpengineer818
Level 1
Level 1

‎03-15-2014 10:46 AM

Sorry, I should have provided more information. We would like to setup VLANs throughout, and within the etherchannel. The ASA 5545 is new, but the stack of Catalyst 3850's won't arrive for a bit. So For the time being, I have to connect the ASA to an existing layer 3 Netgear gsm7328s, which supports ether channel, and a few other layer 3 Foundry switches, 648p units, and an hp Procurve layer 3. The existing setup is messy. Not all traffic would go through the ether channel, but I would like the VLANs to span all the switches if possible. Thank you for the feedback.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card