03-10-2008 03:24 AM - edited 03-11-2019 05:14 AM
We have 1 ASA firewall and 2 LAN switches. Can it be configured that the ASA connects in to both switches and in the event of switch failure connection to the firewall is still possible?
We have 4 interfaces on the ASA.
thanks
03-10-2008 03:45 AM
You cannot do this as the ASA will not allow to have the same IP subnet on 2 of its interfaces
If you need redundancy, then you require one more ASA box which can be configured for failover
Narayan
03-10-2008 05:24 AM
originally I didn't think it was possible
but i found a document relating to Redundant Interfaces.
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838
has anyone used this succesfully?
i know its a strange configuration, but it is a requirement we have on 1 of our sites
03-10-2008 07:20 AM
originally I didn't think it was possible
but i found a document relating to Redundant Interfaces.
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838
has anyone used this succesfully?
i know its a strange configuration, but it is a requirement we have on 1 of our sites
03-10-2008 08:17 PM
Mike,
That requires V8 code, which is still very early. I don't know that i'd be using it on a production system just yet.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: