any actual problem with using xover for lan based failover?

Unanswered Question
Apr 30th, 2009

Has anyone had any actual problem as a result of using a crossover cable for LAN based failover between ASAs?

The documentation "recommends" that you do not use a xover but rather than you go through a switch but this seems like a bunch of unnecessary hassle.

Your thoughts?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mvsheik123 Thu, 04/30/2009 - 12:00


We have 2 pairs of ASAs using Xover cables for failover. We even experiences a failover with no issues.Do not see a specific reason to use switch.



srue Fri, 05/01/2009 - 06:25

Its better to use a switch because if one firewall goes down, so does the failover interface on the active firewall, when using the x/over cable. That's not to say it won't work with the x/over cable - it's just better not to. I've done it both ways with equal success though.

slug420 Fri, 05/01/2009 - 09:47

thats kinda what I FO interface fails and neither firewall knows if it is the bad one or the good one..?

slug420 Fri, 05/01/2009 - 11:05

I was just thinking about this and it seems kind of will have the same problem if the switch that both FO interfaces are plugged into fails because both FWs will see their FO interface go down.

So its just a question of which fails more frequently? A switch or a FW interface?

I have never seen a PIX interface fail gonna say the switch.


This Discussion