03-18-2015 02:09 PM
Is there supported to create virtual wire aggregate group ae1 with 3 physical interfaces and another ae2 with another 3 physical interfaces, then form virtual wire with ae1 and ae2. Point of this setup is to put PA between two switches with port channel group formed with 3 physical interfaces.
03-20-2015 04:26 AM
Ok, just clarify what I want to do.
To put PAN between two Cisco switches with Q trunk formed on port channel with two physical port. So I configured two physical VWires without aggregation and corresponded vlan subinterfaces with vlan tag respectively. Then I create Vwires interfaces of same vlan's. Then new created vwire side subs in same vlan, put on same security zone eg. Vwire_10 zone. On second physical Vwire I need to create same vlan subs and put them on corresponded sec zone eg. Vwire_10. On that point I create security policies to secure traffic between vlan's (eg. Vwire_10 to Vwire_50). Maybe picture below is better to help understand this setup than I could explain...
I have no enough resources to test this and I'm concerned whether is this recommended scenario or not, when we talk about Vwire setup on trunk link's with aggregated interfaces on switches?
05-12-2022 05:56 AM
for this case I recommend to use layer 2 interface because vwire is only for physical interface and aggregate interface. You can improve on the following solutions:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!