ASA 5520 Transparent Firewall Failover config

arumugasamy
Level 1

Hello Pros,

Could anyone give the config scripts for the ASA 5500 pair failover configuration in transparent mode?

I configured it as transparent but the failover task is left to do.

Please give the cmds for the failover for the transparent mode, not for routed mode.

Thanks

swami

1 Reply

ajagadee
Cisco Employee

Hi,

-- Primary unit --

pixfirewall(config)# sh runn
: Saved
:
PIX Version 7.0(1)
firewall transparent
names
!
interface Ethernet0
 nameif outside
 security-level 0
!
interface Ethernet1
 nameif inside
 security-level 100
!
interface Ethernet2
 description LAN/STATE Failover Interface
!
enable password xxx
passwd xxx
hostname pixfirewall
boot system flash:/image.bin
ftp mode passive
pager lines 24
mtu outside 1500
mtu inside 1500
ip address 172.23.58.52 255.255.255.224 standby 172.23.58.53
failover
failover lan unit primary
failover lan interface flink Ethernet2
failover lan enable
failover link flink Ethernet2
failover interface ip flink 10.0.4.1 255.255.255.0 standby 10.0.4.11
monitor-interface outside
monitor-interface inside
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp
telnet timeout 5
ssh timeout 5
console timeout 0
!
policy-map global_policy
!
service-policy global_policy global
Cryptochecksum:xxx
: end
pixfirewall(config)#

--

pixfirewall(config)# sh runn
: Saved
:
PIX Version 7.0(1)
firewall transparent
names
!
interface Ethernet0
 nameif outside
 security-level 0
!
interface Ethernet1
 nameif inside
 security-level 100
!
interface Ethernet2
 description LAN/STATE Failover Interface
!
enable password xxx
passwd xxx
hostname pixfirewall
boot system flash:/image.bin
ftp mode passive
pager lines 24
mtu outside 1500
mtu inside 1500
ip address 172.23.58.52 255.255.255.224 standby 172.23.58.53
failover
failover lan interface flink Ethernet2
failover lan enable
failover link flink Ethernet2
failover interface ip flink 10.0.4.1 255.255.255.0 standby 10.0.4.11
monitor-interface outside
monitor-interface inside
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp
telnet timeout 5
ssh timeout 5
console timeout 0
!
policy-map global_policy
!
service-policy global_policy global
Cryptochecksum:xxx
: end
pixfirewall(config)#

Failover Configuration URL:

http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/failover.html

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **
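
A consistency check for a failover pair like the two configs in the reply above, as an added example that is not part of the original reply or of Cisco's documentation. The function names are hypothetical, the sample text is constructed from the failover-related lines of the posted configs, and it assumes a configured shared key shows up in the running-config as a `failover key` line; without that key the failover and state link carries its traffic unencrypted.

```python
import ipaddress

# Constructed sample: the failover-related lines of the two configs posted above.
PRIMARY = """\
firewall transparent
ip address 172.23.58.52 255.255.255.224 standby 172.23.58.53
failover
failover lan unit primary
failover lan interface flink Ethernet2
failover link flink Ethernet2
failover interface ip flink 10.0.4.1 255.255.255.0 standby 10.0.4.11
"""
SECONDARY = PRIMARY.replace("failover lan unit primary\n", "")  # unit defaults to secondary

def parse(cfg):
    """Extract the failover-relevant settings from a running-config."""
    out = {"unit": "secondary", "key": False, "enabled": False, "transparent": False}
    for line in (l.strip() for l in cfg.splitlines()):
        w = line.split()
        if line == "failover": out["enabled"] = True
        elif line == "firewall transparent": out["transparent"] = True
        elif line.startswith("failover lan unit "): out["unit"] = w[3]
        elif line.startswith("failover key "): out["key"] = True
        elif line.startswith("failover lan interface "): out["lan_if"] = tuple(w[3:5])
        elif line.startswith("failover link "): out["link"] = tuple(w[2:4])
        elif line.startswith("failover interface ip "): out["fo_ip"] = (w[4], w[5], w[7])
        elif line.startswith("ip address ") and "standby" in w: out["mgmt_ip"] = (w[2], w[3], w[5])
    return out

def audit(cfg_a, cfg_b):
    """Return a list of findings for a failover pair; an empty list means none."""
    a, b = parse(cfg_a), parse(cfg_b)
    findings = []
    if {a["unit"], b["unit"]} != {"primary", "secondary"}:
        findings.append("pair needs exactly one primary and one secondary unit")
    for k in ("transparent", "enabled", "lan_if", "link", "fo_ip", "mgmt_ip"):
        if a.get(k) != b.get(k):
            findings.append(f"{k} differs between the units")
    for k in ("fo_ip", "mgmt_ip"):
        if k not in a:
            findings.append(f"{k} has no standby address configured")
            continue
        ip, mask, standby = a[k]
        net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
        if ipaddress.ip_address(standby) not in net:
            findings.append(f"{k}: standby {standby} is outside {net}")
    if not (a["key"] and b["key"]):
        findings.append("no failover key: failover/state traffic crosses the link in clear text")
    return findings
```

Calling `audit(PRIMARY, SECONDARY)` on the sample returns a single finding, the missing failover key.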
