Custom Search

To advertise on this site email advertise@goatnetworking.com

ASA failover configuration with one (1) crossover cable

Site Admin
User avatar
Posts: 368
Joined: Wed Jan 04, 2012 2:36 pm

ASA failover configuration with one (1) crossover cable

Postby admin » Thu Jul 26, 2012 11:27 am

The Cisco ASA 5500 high availability configuration can be configured with either 1 or 2 connections between the primary and standby ASA's.

Cisco recommends using two 1 gig connections between the two ASA's.
When the situation does not allow for two available 1 Gig ports to be used for STATE and FAILOVER, you can configure the system to use a single 1 Gig port.

**Cisco does not recommend this because it is possible that the STATE and FAILOVER traffic may exceed the 1 Gig port capacity.

If you choose to use a single 1 Gig connection, here is how to do it.

PRIMARY UNIT

failover ==> Enables Failover
failover lan unit primary ==> Tells this unit to be the primary unit, use "secondary" for the secondary unit
failover lan interface <NAMEIF> GigabitEthernet<SLOT/PORT> ==> Assigns nameif and port for the failover link
failover link <NAMEIF> ==> Assigns STATE to a port by using it's nameif
failover interface ip <NAMEIF> <IP ADDRESS OF PRIMARY UNIT> <SUBNET MASK> standby <IP ADDRESS OF SECONDARY UNIT> ==> Assigns IP's to the primary and standby unit

---EXAMPLE---

failover
failover lan unit primary
failover lan interface folink GigabitEthernet0/3
failover link folink
failover interface ip folink 192.168.1.1 255.255.255.252 standby 192.168.1.2

SECONDARY UNIT

failover
failover lan unit secondary
failover lan interface folink GigabitEthernet0/3
failover interface ip folink 192.168.1.1 255.255.255.252 standby 192.168.1.2

Return to Network Security

Twitter Facebook

Who is online

Users browsing this forum: No registered users and 1 guest