I will try to condense this into a succinct posting. I am looking for some configuration assistance with a design I am working on. I am trying to configure an active/passive transparent firewall clusterwith aggregated interfaces in both the trust and untrust side of the firewall. After some experimentation in the lab and a little research I discovered that the high-end SRX firewalls don't support LACP in transparent (layer 2) mode - I had initially tried
The lacp configuration on the redundant ethernet (reths) didn't work, since lacp is not supported in layer 2 mode, so I reconfigured the cluster to use aggregated ethernet (ae) interfaces. I have attached diagrams and configuration files showing both the reth interfaces with lacp (which isn't supported) and ae interfaces (which I'm not sure wil even work as designed). I had to combine the 802.3ad and LACP configurations into one file, since I can only attach three files.
If anybody has done this sort of configuration I would appreciate your input. Is there a way to configure aggregated interfaces on a transparent cluster?
Regards,