I have configured a LAG using LACP between SRX 4100 and Cisco ASA.
the link showing up but can't ping from SRX even its own interface, getting no route to host.
SRX configuration:
set chassis aggregated-devices ethernet device-count 1
set interfaces xe-0/0/3 ether-options 802.3ad ae0
set interfaces xe-0/0/4 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family inet address 10.212.5.254/24
set vlans INTERFW interface ae0.0
set security zones security-zone INTERFW interfaces ae0.0 host-inbound-traffic system-services all
Cisco ASA:
interface Port-channel3.2205
vlan 2205
nameif INTERFW
security-level 10
ip address 10.212.5.1 255.255.255.0
access-group INTERFW_IN in interface INTERFW
access-list INTERFW_IN extended permit ip any any log
interface GigabitEthernet0/3
channel-group 3 mode active
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/4
channel-group 3 mode active
no nameif
no security-level
no ip address
root@> ping 10.212.5.1
PING 10.212.5.1 (10.212.5.1): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- 10.212.5.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
root@> ping 10.212.5.254
PING 10.212.5.254 (10.212.5.254): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
any idea what I am missing?