Redundant ASAs, only single IDS module in primary -- supported config?

Unanswered Question
Mar 14th, 2008

Stupid question:

If I have two ASAs, but only one IDS module, can I put the module in the primary ASA, configure it, and in the event of failover go without IDS functionality on the secondary?

Two questions:

1) Is this a Cisco supportable configuration?

2) Will the IDS configuration sync to the secondary and just be silently ignored so that the secondary will still function, or will the IDS configuration fail and break functionality on the secondary because it can't process the IDS configuration.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Fri, 03/14/2008 - 15:22


Failover requires exact same hardware


IDS configs are not synched


This Discussion