Trunk from stacked cluster to Palo Alto Active/Standby
a month ago
Hello, sorry maybe that was aked before but i not found an answer and i am new to aruba.
I have to 3510M Switches stacked together and facing problem in the communication to a palo alto firewall cluster that is in active standby.
One Interface of each Stack memeber goes to one Palo Alto but both are in the same Trunk Group
trunk 1/16,2/16 trk16 trunk
For my understanding the palo alto not can not handle that. I am not sure if the best solution would be to have 2 seperate trunks and connect each trunk to one firewall
trunk 1/16 trk16 trunk
trunk 2/16 trk17 trunk
Would this be a working solution?
Thanks and regards
Re: Trunk from stacked cluster to Palo Alto Active/Standby
a month ago
Hi! your scenario admits that a specific ports aggregation originating from each one Palo Alto firewall terminates its member links - equally distributed I would say - into each switch of the stack. Not the contrary (originating from any stack member, which would be supported, and terminating equally to both firewalls...which is not supported by a LACP/Non Protocol port aggregation approach standpoint). That's because you have to think your firewalls as separated nodes (despite you're dealing with an Active/Standby cluster).