cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Link Aggregation - IP addressing

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
MarcelVladar
L0 Member
‎10-04-2018 04:13 AM
‎10-04-2018 04:13 AM

Link Aggregation - IP addressing

So I configured Link Aggregation on my PA5260 running 8.1.

 

The first pair of links in ae1.8 comes up perfectly using 192.168.255.3/25 as the IP address. The second pair of links in ae2.9, however, refuse to respond on 192.168.255.131/25. The second pair is in a different security zone and there are no policies in place to block the ping requests to that address. I've also got a management profile running on it to allow pings. For the most part (other than the zone and VID) it is setup exactly as the first pair. LACP is not configured either.

 

Only once I change the second pair to 192.168.254.3/25 does it start responding to pings as expected. Is this a design requirement (completely seperate subnets?) or have I missed something. Any input is greatly appreciated. Thanks!

0 Likes
Reply
OtakarKlier
Cyber Elite
Cyber Elite
‎10-04-2018 08:47 AM
‎10-04-2018 08:47 AM

Hello,

I would double check the logs and filter by source and desitnation IP's to verify. If you have the proper policies and management profiels applied tothe interfaces, it should work.

 

Regards,

0 Likes
Reply
MarcelVladar
L0 Member
‎10-05-2018 12:19 AM
‎10-05-2018 12:19 AM

Agreed, I would imagine it should work. But it doesn't.

I'm pretty sure all the policies and profiles are correct as it works perfectly

once I change to another subnet - no other changes. Strange.

 

I looked at the monitor log as well, and I don't see any of the traffic.

I think it's because there is no specific policy allowing the pings but instead

a management profile.

0 Likes
Reply
OtakarKlier
Cyber Elite
Cyber Elite
‎10-05-2018 06:29 AM
‎10-05-2018 06:29 AM

Hello,

If there is no log and no policy, I would create a policy that logs and allows ping. By default new policies dont log :(. Best is to set it to log at session end.

 

Hope this helps.

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks