ASA Active/Standby Failover

Answered Question
Aug 26th, 2009

Is there a way to configure an ASA Active/Standby pair to automatically transition back if the secondary is active and the primary comes back online?

I have a pair that will not transition from the secondary when the primary comes back online. I have to open a session with the primary and force the failover back manually.

Thanks

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 3 months ago

Robert

Unfortunately no there isn't. If you run the firewalls in active/active mode you can achieve what you want by using failover groups but these are not available in active/standby.

So you either do it manually as you are or you could conceivably write a script in TCL or Perl that logged onto the firewalls every x number of minutes and if the standby was active and the primary had come back up and was in standby mode the script could force the failover.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Correct Answer
Jon Marshall Wed, 08/26/2009 - 06:43

Robert

Unfortunately no there isn't. If you run the firewalls in active/active mode you can achieve what you want by using failover groups but these are not available in active/standby.

So you either do it manually as you are or you could conceivably write a script in TCL or Perl that logged onto the firewalls every x number of minutes and if the standby was active and the primary had come back up and was in standby mode the script could force the failover.

Jon

Actions

This Discussion