HSRP heartbeat between failover pair

Unanswered Question


I have 2 ASA 5520 working in a statefull Active/Failover mode connected to two different routers which are working in HSRP. Now the routers are always taking a Active Active state as the HSRP heartbeats and communications are getting blocked by the ASA in between the failover pair.

Is there a solution to achieve this other than introducing a switching layer between the firewall bundle and the router bundle.

Pls help & suggest.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Yudong Wu Tue, 09/29/2009 - 14:35
User Badges:
  • Gold, 750 points or more

Your design does not sound right to me. Not sure why you would like to do this.

For HSRP implementation, there should be a layer 2 link between two routers. In general, it is realized by connecting both routers to a switch.

By the way, HSRP packet is sent to destination IP multicast address on User Datagram Protocol (UDP) port 1985.


This Discussion