Lacp Issues Peer Not Detected

Thomasevig · ‎03-02-2023

Hello Dear Forum.

we are running 2 pa-3320 in Ha Actiave/passive mode

both of which have aggregated ports.

recently we've moved our server room to a different room and

have reconfigured some of out network components.

after reconnecting everything in

the correct order,

the passive unit can't reach our

DC Servers.

the ae1 link seems to be down despite the arp

table of the interface is properly populated.

pinging some devices across these networks

from the passive unit does work.

however it cant reach some specific resources,

such as the DC servers (as mentioned before).

on the ae1 link it is shown as if the Ethernet

interfaces are down(despite not being down1!)

and indicates that

"Peer is not detected"

Pictures Included!!

Many thanks!

Raido_Rattameister · ‎03-02-2023

If you take packet capture (Monitor > Packet Capture) on interface 1, 2, 5 and 7) do you see incoming LACP packets being sent by switch?

What LLDP shows as peer port? Is physical cabling going where it is supposed to go?

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Thomasevig · ‎03-02-2023

Hello thank you.

the lldp peers show no switches on the passive unit.

im trying to figure it out thank you for now

Thomasevig · ‎03-15-2023

Hello,

for some reason the aggregation link on the switch

which it's connected to, didn't work in dynamic link.

this makes me wonder, can the palo alto use lacp

to a switch wihthout having to configure dynamic

lacp on the switch itself?

nikoolayy1 · ‎03-23-2023

You can just not enable LACP under the config and this will make it a static trunk:

Other than that this command "show lacp aggregate-ethernet all" will give you a lot of needed info. Check the link below:

Just in case check if the configured transmit rate is the same between the switch and Palo alto (Slow or Fast):

M.Allen · ‎06-12-2024

Hi did you ever get a resolution to this I have a very similar issue?