- Gold, 750 points or more
I have had a good look on CCO and it seems that if the pair of PIX firewalls are less than 6-feet apart then use the serial-based failover. Since the ASA doesn't have this capability is this still the recommended way to deploy a failover pair of 515's?
I recently upgraded a failover pair of 515's to 7.2(4) from 6.3(5) - one has a UR license the other just the FO license. I converted the serial failover to LAN-Based and added State failover using the same link (cross-over cable). At the time I assumed this was the way to go, however we have had some odd issues where the FO unit doesn't seem to kick in when the primary one is powered off. I think this may be a result of the cross-over cable used for the failover link, however I not 100% sure. I tested failover onsite, but since then the customer has done some work (not config) and powered them off since and failover didn't seem to kick in.
I am just after the optimum hardware setup for a failover pair of 515's that are (at the moment) installed next to each other in the same rack.