Issue Description

The port Lag(Aggregate Interface) at firewall is not working with core switch.

Handling Process

1. Configure the Aggregate interface to load balancing as picture above load balancing.
   
2. Try to connect both devices, but still unable to ping.
3. Access to cisco device and check the status for eth port group channel. Use the enable command to enter EXEC mode, use show run to check the version and port channel IP address.(different version has different command)
   
4. After verified the port used for link aggregate, use show etherchannel summary to check the port belong to which port channel.
   
5. Check the IP is correct by using show run.
   
6. Check the etherchannel status by using show interfaces etherchannel.
7. Found the switch is using LACP protocol and Mode Active.
   
8. Found that the current NGAF version didn’t support the LACP mode. NGAF support to use LACP link aggregation in version 8.0.8 and above.
9. Proceed to upgrade the NGAF firmware version.
10. Configure the link aggregate as picture shown, make sure that the IP address is correct.
    

Root Cause

The version 8.0.5 not support LACP.

Solution

1. Change the LAG mode to another mode which supported by the current NGAF firmware.
2. Upgrade the NGAF to new version so that it support LACP mode.

Suggestions

1. Make sure that 2 device must using the same LAG protocol.