We have 2 separate sites linked via a 10MB connection with an ISP connection at each site (these ISPs are also or will be BGP peers for each other).
At each site there is 1 ASA firewall with a 10MB link to the alternate sites ASA firewall.
If the firewall on one site is unavailable I would like the 2nd firewall to take over as default route for all the subnets behind them. The heartbeat messages between the ASAs will take place over the 10MB dedicated link between the sites.
I would like to know the best way to set up. Ie... Cluster or Active / Passive Failover?
Furthermore if anyone has set up something similar to this and used a BGP resiliency solution from their ISP provider to do something like this before?
Thanks for your help