ASA - Port-Channels

 - port-channel on Gigabit interface 0/0 and Gigabit 0/3

Configuration:

with LACP

 - interface Gi0/0

(config)# interface gigabitEthernet 0/0

(config-if)# no shutdown

(config-if)# channel-group 1 mode active

 - interface Gi0/3

(config)# interface gigabitEthernet 0/3

(config-if)# no shutdown

(config-if)# channel-group 1 mode active

 - interface port-channel 1 configuration

in port-channel we can also configure subinterfaces like in normal interfaces,e.g.

(config)# interface port-channel 1.20

(config-subif)# vlan 333

(config-subif)# security-level 0

(config-subif)# nameif dmz1

(config-subif)# ip address 150.100.100.100 255.255.255.0

(config-subif)# no shutdown

 

(config)# interface port-channel 1.40

(config-subif)# vlan 334

(config-subif)# security-level 0

(config-subif)# nameif dmz2

(config-subif)# ip address 100.100.100.100 255.255.255.0

(config-subif)# no shutdown

 Configure port-channel on switch where ASA is connected, config should looks like below:

interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 333,334
switchport mode trunk
channel-group 1 mode active

interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 333,334
switchport mode trunk
channel-group 1 mode active

Check port-channel:

ASA:

ASA-port-channel-1.png

ASA-port-channel-2.png

ASA-port-channel-3a.pngASA-port-channel-3b.png

ASA-port-channel-4.png

 

 

 

 

 

ADDA 2013-12-08

 

This site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.