ASA 5510 and Failover

Unanswered Question
Apr 4th, 2008


I have 2 ASA 5510 SEC-BUN

I want to enable failover.

I have this configuration :

Ethernet 0/0 : Outside

Ethernet 0/1 : Inside

Ethernet 0/2 : DMZ

I follow the example : How to configure Failover on ASA, and i can read that i need two interface :

One for Lan Failover Interface and One for State Failover Interface.

I have no more two Interface , I have only one free (Ethernet 0/3).

The Cisco documentation do not recommend to use the Management Interface.

Thanks for your help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
srue Fri, 04/04/2008 - 06:30

you can use eth0/3 as both the failover interface and the stateful interface.

abhisheksen Fri, 04/04/2008 - 06:41

First you configure failover in primary firewall(do not power on the sec.)

you have to put this commands:

interface Ethernet0/3

description LAN/STATE Failover Interface

speed 100

duplex full


failover lan unit primary

failover lan interface FAILOVER_ETH3 ethernet0/3

failover lan enable

failover polltime unit 5 holdtime 15

failover link FAILOVER_ETH3 Ethernet0/3

failover interface ip FAILOVER_ETH5 standby

After entering these commands power on the sec. device and issue the command:

failover lan unit secondary

I think this is all you required.


This Discussion