failover with subinterfaces in ASA 5520

Unanswered Question
Nov 13th, 2007
User Badges:


I need more DMZs than physical interfaces in my ASA 5520, so I configure subinterfaces and vlans. When I applied the failover config I saw in the subinterfaces a "Not-monitored" message and failover doesn't work if the physical interface is down.

Interface DMZ27 ( Normal (Not-Monitored)

Interface DMZ28 ( Normal (Not-Monitored)

Interface DMZ29 ( Normal (Not-Monitored)

I tried to use physical interface for monitoring but It doesn't pass traffic and vlan configuration is not allowed.

Any suggestion?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
hadbou Mon, 11/19/2007 - 15:29
User Badges:
  • Bronze, 100 points or more

you can have sub interfaces (dot1q tagged) on the ASA, and you can define one as a primary Internet connection, and another as a secondary.


This Discussion