I have two ASA 5520 appliances running 7.0(4). I use the Management0/0 interface as a connection to the Internet as it is only 100 Mbps.
That leaves me four Gigabit interfaces to use with DMZ architecture.
I tried to configure active/standby failover using VLAN interfaces on one physical Gigabit interface. The documentation says this is possible and I don't want to burn a whole Gigabit physical interface just on failover; that is an expensive waste of hardware.
The failover configuration would not work despite identical VLAN interfaces on each member.
Does anybody have any thoughts as to why sub-interfaces running in isolated VLANs do not work with failover?