Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2434
Views
0
Helpful
2
Replies

HSRP heartbeat between failover pair

indra
Level 1
Level 1

‎09-29-2009 11:20 AM - edited ‎03-11-2019 09:20 AM

Hi,

I have 2 ASA 5520 working in a statefull Active/Failover mode connected to two different routers which are working in HSRP. Now the routers are always taking a Active Active state as the HSRP heartbeats and communications are getting blocked by the ASA in between the failover pair.

Is there a solution to achieve this other than introducing a switching layer between the firewall bundle and the router bundle.

Pls help & suggest.

Regards,

Indrajit

Labels:
0 Helpful
2 Replies 2

Yudong Wu
Level 7
Level 7

‎09-29-2009 02:35 PM

Your design does not sound right to me. Not sure why you would like to do this.

For HSRP implementation, there should be a layer 2 link between two routers. In general, it is realized by connecting both routers to a switch.

By the way, HSRP packet is sent to destination IP multicast address 224.0.0.2 on User Datagram Protocol (UDP) port 1985.

0 Helpful

indra
Level 1
Level 1
In response to Yudong Wu

‎09-29-2009 03:28 PM

yes i know that it doesnt work this way but was looking for a work around in any as there needs to be an extra investment just to connect the firewalls to the HSRP routers. Thanks anyways for your time.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card