Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Upstream connectivity between my Aruba 8325 VSX core pair and my single Sonicwall NSa 6700 firewall

I'm trying to wrap my head around the best or correct way to configure the upstream connectivity between my Aruba 8325 VSX core pair and my single Sonicwall NSa 6700 firewall. I have mc-lags to my downstream access stacks working, but am not sure what my choices are for the upstream connection to my firewall. This is just a two-tier network with no aggregation layer. Right now I have two 40G DAC cables going from my LAN X32 and X33 interfaces (aggregated) on my SonicWall to each of my two core switches (interface 1/1/52 on each). Right now, the L2 discovery on my SonicWall shows each of the 8325 switches they are connected to and the 1/1/52 interface are both up on the 8325s, but it is showing an LACP block on each of the 8325 switches for the vlan lag 254 interfaces. Currently my LAN IP on the Sonicwall is 10.1.254.254. What else needs to be done on the Sonicwall end, other than aggregating the two ports?

Following is the configuration I have on each of the two core switches:


interface lag 254 multi-chassis

  description VSX LAG 254 (Sonicwall LAN)

  no shutdown

  no routing

  vlan access 254

  lacp mode active

  loop-protect

  loop-protect vlan 254


interface 1/1/52

  description Lag Port (Sonicwall LAN)

  no shutdown

  mtu 9198

  lag 254


interface vlan 254

  vsx-sync active-gateways

  ip mtu 9198

  ip address 10.1.254.2/24 (10.1.254.3/24 for secondary)

  active-gateway ip mac 12:01:00:00:01:00

  active-gateway ip 10.1.254.1

Category: Entry Level Firewalls
Reply
Sign In or Register to comment.