asa 5505 switch and failover

Unanswered Question
Jan 12th, 2009

Hi,

I want to connect 2 ASA 5505's to each other and configure failover as active/passive.

That's not a big problem as i've done that before on a 5510.

However, now there will not be a seperate switch connected to the 5505's to facilitate server uplinks, instead, i will connect server A to ASA01 and server B to ASA02.

I want those servers to be in the same subnet and connected to eachother like it would be with a normal switch. And only 1 ASA should handle the traffic to the outside interface using failover.

Is this situation possible and how does the build-in 8 port switch function together with a failover configuration ?

I have 1 direct link between ASA01 and ASA02 to facilitate the failover link.

Should i connect another link to provide connection on a vlan between the 2 devices ?

The fact that the 5505 supports only 3 security zones is known to me.

So it will be an "outside" / "inside" / "failover" i guess ?

My main question is : Does de switch configuration sync between 2 5505's, or can i configure seperated ports that will not be synched because of the failover configuration.

Thanks in advance,

Regards,

Sebastian

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Tue, 01/20/2009 - 19:20

The configuration between 2 ASA's will be definately synced, however connecting one server to ASA1 and connectiong the other to ASA2 will not work. You will need to connect both of ther servers to both of the ASA's, because the standby ASA will only be listening and not actively participating in the server connectivity.

Actions

This Discussion