Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
0
Helpful
2
Replies

ASA Failover without Standby addresses

mikedelafield
Level 1
Level 1

‎04-15-2008 03:48 AM - edited ‎03-11-2019 05:31 AM

We have 2 ASA firewalls in Routed mode and Active/Standby failover.

If you do not configure Standby IP addresses for the interfaces is Normal (waiting) an expected behaviour?

This host: Primary - Active

Interface outside (217.112.81.130): Normal (Waiting)

Interface inside (10.102.1.1): Normal (Waiting)

Interface mgm (192.168.5.1): Normal (Waiting)

Other host: Secondary - Standby Ready

Interface outside (0.0.0.0): Normal (Waiting)

Interface inside (0.0.0.0): Normal (Waiting)

Interface mgm (0.0.0.0): Normal (Waiting)

I cannot find any definitive answers on the Cisco sites for this.

Help.

Labels:
0 Helpful
2 Replies 2

vitripat
Level 7
Level 7

‎04-15-2008 03:28 PM

Yes, this is normal. I would recommend that you set standby IP addresses on the interfaces else failovers will not occur if there is an interface failure. Refer following link for failover configurations-

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/failover.html#wp1064158

Hope that helps.

Regards,

Vibhor.

0 Helpful

mikedelafield
Level 1
Level 1
In response to vitripat

‎04-15-2008 11:51 PM

sorry. failover DOES occur when an interface is disconnected or fails even without the standby addresses!

is this also normal? i can see no documentation where standby addresses have not been set

i'm still not 100% clear on this

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card