This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Link Aggregation - IP addressing

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Link Aggregation - IP addressing

MarcelVladar
L0 Member

‎10-04-2018 04:13 AM - edited ‎10-04-2018 04:15 AM

So I configured Link Aggregation on my PA5260 running 8.1.

 

The first pair of links in ae1.8 comes up perfectly using 192.168.255.3/25 as the IP address. The second pair of links in ae2.9, however, refuse to respond on 192.168.255.131/25. The second pair is in a different security zone and there are no policies in place to block the ping requests to that address. I've also got a management profile running on it to allow pings. For the most part (other than the zone and VID) it is setup exactly as the first pair. LACP is not configured either.

 

Only once I change the second pair to 192.168.254.3/25 does it start responding to pings as expected. Is this a design requirement (completely seperate subnets?) or have I missed something. Any input is greatly appreciated. Thanks!

0 Likes Likes
3 REPLIES 3

OtakarKlier
Cyber Elite
Cyber Elite

‎10-04-2018 08:47 AM

Hello,

I would double check the logs and filter by source and desitnation IP's to verify. If you have the proper policies and management profiels applied tothe interfaces, it should work.

 

Regards,

0 Likes Likes

MarcelVladar
L0 Member
In response to OtakarKlier

‎10-05-2018 12:19 AM

Agreed, I would imagine it should work. But it doesn't.

I'm pretty sure all the policies and profiles are correct as it works perfectly

once I change to another subnet - no other changes. Strange.

 

I looked at the monitor log as well, and I don't see any of the traffic.

I think it's because there is no specific policy allowing the pings but instead

a management profile.

0 Likes Likes

OtakarKlier
Cyber Elite
Cyber Elite
In response to MarcelVladar

‎10-05-2018 06:29 AM

Hello,

If there is no log and no policy, I would create a policy that logs and allows ping. By default new policies dont log :(. Best is to set it to log at session end.

 

Hope this helps.

0 Likes Likes
  • 2478 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks