New Member

Nexus 7009 & Cisco ASA 5520


We have a pair of Nexus 7009 switches running image 6.2(2a) and a Cisco ASA 5520 HA pair (Active/Standby, routed mode) running image 8.2. I want to know how I can connect both ASAs to the Nexus 7009s. We are running static routes. Do I have to configure the ports where I will connect the ASAs as orphan ports?

Keep in mind that I have only one free port on each ASA, and on the Nexus 7009s I have only an F2 card with 48 1000/10000 SFP ports, with one copper transceiver for each Nexus 7009 to connect the ASAs.


New Member

Nexus 7009 & Cisco ASA 5520

1) Connect ASA-1 to N7K-1 and ASA-2 to N7K-2 (configure a trunk port to carry the inside, outside and other VLANs as required).

2) It is best practice to keep the interface which is connecting to the ASA as an orphan port.

3) Create a trunk between N7K-1 & N7K-2 allowing all the required VLANs (inside, outside, etc.).

4) Assuming that you have a pair of WAN routers to connect outside, connect the WAN routers to the "outside" VLAN on both N7K-1 & N7K-2, and run HSRP on both WAN routers for the "outside" zone/VLAN.

5) Add a static/default route from the ASA to the HSRP IP of the WAN routers.

6) Add a route for the inside zones on the WAN routers pointing to the "inside" virtual IP of the ASA.

Hope this helps.
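
Steps 1, 3 and 5 of the reply above as a configuration sketch. This is an added example, not part of the original thread. The VLAN IDs, interface numbers and IP addresses are constructed placeholders, and it assumes the ASA's one free port is GigabitEthernet0/3.

```cisco
! Constructed values throughout: VLAN 10 = inside, VLAN 20 = outside,
! Ethernet1/1 = port facing the ASA, Ethernet1/48 = inter-switch trunk.

! --- N7K-1 (NX-OS 6.2); N7K-2 gets the same config facing ASA-2 ---
vlan 10
  name inside
vlan 20
  name outside

! Steps 1 and 2: single-attached trunk to the ASA. No "vpc" or
! "channel-group" command is applied, so on a vPC peer this is an orphan port.
interface Ethernet1/1
  description to ASA-1
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 10,20
  no shutdown

! Step 3: trunk between N7K-1 and N7K-2 carrying the same VLANs
interface Ethernet1/48
  description to N7K-2
  switchport
  switchport mode trunk
  switchport trunk allowed vlan 10,20
  no shutdown

! --- ASA 5520 (8.2), active unit; the standby unit replicates this ---
interface GigabitEthernet0/3
  no nameif
  no security-level
  no ip address
  no shutdown
! One subinterface per VLAN on the single free physical port
interface GigabitEthernet0/3.10
  vlan 10
  nameif inside
  security-level 100
  ip address 192.0.2.1 255.255.255.0 standby 192.0.2.2
interface GigabitEthernet0/3.20
  vlan 20
  nameif outside
  security-level 0
  ip address 198.51.100.1 255.255.255.0 standby 198.51.100.2

! Step 5: default route to the WAN routers' HSRP virtual IP (constructed)
route outside 0.0.0.0 0.0.0.0 198.51.100.254 1
```

Restricting the allowed VLAN list on both trunks to the firewall VLANs keeps unrelated VLANs from reaching the ASA port.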
