Cisco ASA Series Cli Configuration Manual page 415
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Starting Interface Configuration (ASA 5510 and Higher)
Clustering Guidelines
•
When you use a redundant or EtherChannel interface as the cluster control link, it must be
pre-configured on all units in the cluster; you cannot configure it on the primary unit and expect it
to replicate to member units because the cluster control link itself is required for replication.
•
To configure a spanned EtherChannel, see the
page
•
To configure an individual cluster interface, see the
(Recommended for the Management Interface)" section on page
Redundant Interface Guidelines
•
You can configure up to 8 redundant interface pairs.
•
All ASA configuration refers to the logical redundant interface instead of the member physical
interfaces.
•
You cannot use a redundant interface as part of an EtherChannel, nor can you use an EtherChannel
as part of a redundant interface. You cannot use the same physical interfaces in a redundant interface
and an EtherChannel interface. You can, however, configure both types on the ASA if they do not
use the same physical interfaces.
•
If you shut down the active interface, then the standby interface becomes active.
•
Redundant interfaces do not support Management slot/port interfaces as members. You also cannot
set a redundant interface comprised of non-Management interfaces as management-only.
•
For failover guidelines, see the
•
For clustering guidelines, see the
EtherChannel Guidelines
•
You can configure up to 48 EtherChannels.
•
Each channel group can have eight active interfaces. Note that you can assign up to 16 interfaces to
a channel group. While only eight interfaces can be active, the remaining interfaces can act as
standby links in case of interface failure.
•
All interfaces in the channel group must be the same type and speed. The first interface added to the
channel group determines the correct type and speed.
•
The device to which you connect the ASA EtherChannel must also support 802.3ad EtherChannels;
for example, you can connect to the Catalyst 6500 switch.
•
The ASA does not support LACPDUs that are VLAN-tagged. If you enable native VLAN tagging
on the neighboring switch using the Cisco IOS vlan dot1Q tag native command, then the ASA will
drop the tagged LACPDUs. Be sure to disable native VLAN tagging on the neighboring switch. In
multiple context mode, these messages are not included in a packet capture, so you cannot diagnose
the issue effectively.
•
The ASA does not support connecting an EtherChannel to a switch stack. If the ASA EtherChannel
is connected cross stack, and if the Master switch is powered down, then the EtherChannel
connected to the remaining switch will not come up.
•
All ASA configuration refers to the logical EtherChannel interface instead of the member physical
interfaces.
•
You cannot use a redundant interface as part of an EtherChannel, nor can you use an EtherChannel
as part of a redundant interface. You cannot use the same physical interfaces in a redundant interface
and an EtherChannel interface. You can, however, configure both types on the ASA if they do not
use the same physical interfaces.
1-33.
"Configuring Spanned EtherChannels" section on
"Configuring Individual Interfaces
"Failover Guidelines" section on page
"Clustering Guidelines" section on page
Cisco ASA Series CLI Configuration Guide
Guidelines and Limitations
1-31.
1-10.
1-11.
1-11
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
