12-17-2008 03:02 AM - edited 03-11-2019 07:26 AM
We have 2 x ASA 5550 - they have 1GB Lan interfaces. Should we use a spare GB ethernet interface on each box for LAN based failover given that the managment i/face is only 100MB? I think we can use a x-over ethernet cable bewteen both firewalls for lan based failover. Is this correct? Thanks.
12-17-2008 06:33 AM
The interface for failover must be at least of the same capacity as the interfaces that pass regular traffic... It is suggested that you use the LAN for failover, however a cross-over cable will work.
Hope that helps.
12-17-2008 07:28 AM
Peter,
Yes, I would use the Gig Interface for LAN Based Failover to make sure that you have sufficient capacity during actual stateful failover.
Also, with 7.0 code and higher you can use cross over cable for failover. Prior to 7.0, you had to use a switch. Ofcourse, this applies for Pix Only because the ASA do not have any 6.x code.
Regards,
Arul
*Pls rate if it helps*
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: