Cisco ASA 5550 - best practice on failover setup?

Unanswered Question
Dec 17th, 2008

We have 2 x ASA 5550 - they have 1GB Lan interfaces. Should we use a spare GB ethernet interface on each box for LAN based failover given that the managment i/face is only 100MB? I think we can use a x-over ethernet cable bewteen both firewalls for lan based failover. Is this correct? Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Wed, 12/17/2008 - 06:33

The interface for failover must be at least of the same capacity as the interfaces that pass regular traffic... It is suggested that you use the LAN for failover, however a cross-over cable will work.

Hope that helps.

ajagadee Wed, 12/17/2008 - 07:28

Peter,

Yes, I would use the Gig Interface for LAN Based Failover to make sure that you have sufficient capacity during actual stateful failover.

Also, with 7.0 code and higher you can use cross over cable for failover. Prior to 7.0, you had to use a switch. Ofcourse, this applies for Pix Only because the ASA do not have any 6.x code.

Regards,

Arul

*Pls rate if it helps*

Actions

This Discussion