09-18-2020 09:38 AM
Hi all,
I have an upcoming deployment and I need your inputs here. I will be replacing a fire that is configured in HA Pair with a PA-3220 non HA pair.
The core switch of the client is configured as a active-passive (NX-OS). My concern is, can I enable LACP on Palo Alto side and make it a routed interface and assign IP to it and on the nexus side they will configure a VPC, make it a L3 and configured an IP on it so on the Palo Alto side, it appears only as 1 appliance?
Your inputs are highly appreciated. Thanks a lot.
09-19-2020 04:14 AM - edited 09-19-2020 01:04 PM
Hi,
well that descibes perfectly what vPC is. See both devices do support LACP and the Nexus is designed to behave like this. So you are very good to go with this solution. If, in this scenario, it is necessary for us to understand why you switch from HA-pair to 2-single-firewalls, please clarify.
09-19-2020 04:14 AM - edited 09-19-2020 01:04 PM
Hi,
well that descibes perfectly what vPC is. See both devices do support LACP and the Nexus is designed to behave like this. So you are very good to go with this solution. If, in this scenario, it is necessary for us to understand why you switch from HA-pair to 2-single-firewalls, please clarify.
09-28-2020 05:07 PM
Because the end user only purchase 1 firewall
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
