Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
719
Views
5
Helpful
7
Replies

ASA 8.0 redundant interfaces

mikedelafield
Level 1
Level 1

‎07-09-2008 02:57 AM - edited ‎03-11-2019 06:11 AM

hi.

i have successfully tested interface failover in version 8.0 of the ASA code; used with 2 switches to help in the event of switch failure

but given i currently use all 4 interfaces (outside, inside, DMZ1, DMZ2) i would require a total of 8 to provide full interface redundancy in this case

clearly i could buy a 4 port module in this case but i was wondering if there is any other way of doing it;

possibly using a trunk link for all 4 vlans into gigabitethernet0/0 and using gigabitethernet0/1 as the redundant interface for the trunk link of the 4 vlans.

is this possible? is there a more obvious solution than this?

please help

Labels:
0 Helpful
7 Replies 7

a.alekseev
Level 7
Level 7

‎07-09-2008 03:10 AM

If you need more interfaces there is no sense to buy additional card.

Use VLAN's

0 Helpful

nikuhappy2010
Level 1
Level 1
In response to a.alekseev

‎07-31-2008 09:36 PM

Hi, Can you send a link of configuration example. Thanks

0 Helpful

Magnus Mortensen
Cisco Employee
Cisco Employee

‎07-11-2008 08:42 PM

Its easy...

Step1) Create a redundant interface based off of two physical interfaces... lets call that interface Redundant1....

Step2) Create subinterfaces off of Redundant1 for the inside, outside and DMZ's.

interface Redundant1.10

nameif inside

yadda yadda yadda...

Make sense?

mikedelafield
Level 1
Level 1
In response to Magnus Mortensen

‎07-31-2008 09:30 PM

Hi thanks for your reply.

so i am to create a redundant interface for the Physical pair of interfaces rather than redundant interfaces for each of the various physical sub-interfaces?

Or will both work?

What is the difference with both approaches?

0 Helpful

nikuhappy2010
Level 1
Level 1
In response to Magnus Mortensen

‎07-31-2008 11:06 PM

Hi, Request to you, please post all configuration as a example so that I can understand in better way. It will be greatful for us. Thanks.

0 Helpful

mikedelafield
Level 1
Level 1
In response to nikuhappy2010

‎08-01-2008 12:54 AM

I have no configuration yet as i have not decided on the plan.

I am using 3 interfaces on 1 single ASA 5520 (total of 4 interfaces)

Inside, Outside, DMZ

However i have 2 switches and in the event of switch failure i would like connectivity to the firewall to remain.

Hence the idea to use a redundant interface with subinterfaces??

0 Helpful

dphills18
Level 1
Level 1
In response to mikedelafield

‎10-27-2008 08:52 PM

when i try to configure redundant sub interfaces, i receive the following error.

ASA1(config)# interface Redundant 1.2

^

ERROR: % Invalid input detected at '^' marker.

ASA1(config)#

anyone have any suggestions

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card