failover with subinterfaces in ASA 5520

Unanswered Question
Nov 13th, 2007

Hi:

I need more DMZs than physical interfaces in my ASA 5520, so I configure subinterfaces and vlans. When I applied the failover config I saw in the subinterfaces a "Not-monitored" message and failover doesn't work if the physical interface is down.

Interface DMZ27 (172.18.244.126): Normal (Not-Monitored)

Interface DMZ28 (168.165.13.94): Normal (Not-Monitored)

Interface DMZ29 (172.18.244.94): Normal (Not-Monitored)

I tried to use physical interface for monitoring but It doesn't pass traffic and vlan configuration is not allowed.

Any suggestion?

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
hadbou Mon, 11/19/2007 - 15:29

you can have sub interfaces (dot1q tagged) on the ASA, and you can define one as a primary Internet connection, and another as a secondary.

Actions

This Discussion