Hi.I have a question regarding ASA and VLANs.The situation is like this in a remote office I will get the link to our central office and our internet link over the same physical optical cable but different VLANS(one tagged,other untagged).
I did some reading and it seems the best thing to do is to make 2 subinterfaces on the physical interface,put them in different VLANs and assign them corresponding IP addresses(like on a router).Am I on the right path here or should something else be done to male such a configuration work?
And there is another question I wanted to ask regarding the internet link. From the pictures I received from there are 2 sets of IP addresses.One set is for a point-to-point link between the ASA and the providers equipment.But the other set is marked as a directed IP route(rough translation,don't know if translation is correct) with 4 usable IP addresses.As the ASAs will be in failover and I need 2 IP addresses because of that should I use the 2nd larger range?
The security appliance supports two failover configurations, Active/Active Failover and Active/Standby Failover. Each failover configuration has its own method to determine and perform failover. With Active/Active Failover, both units can pass network traffic. This lets you configure load balancing on your network. Active/Active Failover is only available on units that run in multiple context mode. With Active/Standby Failover, only one unit passes traffic while the other unit waits in a standby state. Active/Standby Failover is available on units that run in either single or multiple context mode. Both failover configurations support stateful or stateless (regular) failover.