03-22-2010 05:37 AM - edited 03-11-2019 10:24 AM
Folks,
Today I have a ASA running with Active/Standby mode in the same central site and now the new topology
is considering ASA Active/Standby mode but in different sites across a private WAN Link.
Is there any considerations on failover commands to avoid delay problems with failover link?
thanks a lot
03-22-2010 01:18 PM
Running failover through a WAN link is not recommended.
The units need to have L2 connectivity.
Delay and temporary packet loss over a wan link could cause any kind of issues to failover like active/active situations.
I hope it clarifies it a little.
PK
03-22-2010 02:21 PM
Hi Kampana,
thank for your attention,
let me tell you about that wan link , actually is a L2L link and we will have a L2 adjacency between them.
what do you think?
thanks a lot
03-22-2010 02:34 PM
People do this all the time. So, long as you have L-2 adjacency you should be good.
Pls. refer this link for commands: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_active_standby.html
-KS
03-22-2010 02:39 PM
Very good my friends,
thanks a lot
03-22-2010 02:40 PM
Still, even with L2L connectivity, there could be any kind of delays and drops through a WAN MPLS link.
If you running stateful failover I would avoid it.
It could work ok but depending on your connection rates and WAN status you could see hickups etc.
If it is not stateful then you might be able to get away with it.
PK
03-22-2010 05:39 PM
Hummmm,good tips my friend.
Our Lan2Lan link have 10Gig between sites but I will consider avoid running stateful failover.
thanks a lot
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: