ASA actice/standby with subinterface

Unanswered Question
Oct 30th, 2007
User Badges:

I try to configure active/standby with ASA5520 Version 8.0(2). In configuration guide I read:


The if_name argument assigns a name to the interface specified by the phy_if argument. The phy_if argument can be the physical port name, such as Ethernet1, or a previously created subinterface, such as Ethernet0/2.3.


But when I try to do this, I get an error message:


ERROR: Can not configure failover interface on a shared physical interface


What is going wrong?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
conversyschris Tue, 10/30/2007 - 08:39
User Badges:

If I recall correctly from my ASA setup (about 14 months ago so I could be mistaken), we tried setting our failover interface on a sub-interface and it didnt work. I then took a look at some Cisco documentation and they suggest that you use a dedicated interface for Failover (that is what we did). We have 1 interface for failover, 1 for DMZ, 1 for Outside and 1 for Inside and everything is functioning correctly. I am trying to find the link I used from Cisco when researching this, but I am fairly sure that was what I came up with.


Hope this helps

Chris

isk-admin Wed, 10/31/2007 - 00:13
User Badges:

I have the same experience with the dedicated interface but CISCO said it must work with a subinterface too! I do not like to use one interface only for failover.

hogoqo Wed, 10/31/2007 - 11:08
User Badges:

I think you can use a redundant interface but you can not use a subinterface for teh failover link. For stateful failover link you can share even with a regular data link but it is not recommended and the ASA will issue out a warning.

Actions

This Discussion