ASA 5510 Failover

Answered Question
Apr 8th, 2010

I have a

single ASA 5510 as a main Firewall , on the edge of my network. in case of any outage the of the firewall the complete network goes down, now i want to connect another ASA, so i have redudency . Which is the best possible method also if i go for ASA failover feature in place of HSRP do i have to get additional licence?

I have this problem too.
0 votes
Correct Answer by Kureli Sankar about 6 years 8 months ago

You would want a switch on the outside of the ASA as well. Some people have two for redundancy.

You would plug both the ASAs and the router on to this switch on the outside.

Follow sample here: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_examples.html#wp1028629

-KS

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Federico Coto F... Thu, 04/08/2010 - 16:35

Hi,

Both ASAs should be indentical in terms of hardware and licenses.

The software version is not a requirement to match.

So, if your 5510 has a module or a license, the new 5510 should have them as well.

Regarding the configuration you can have the normal Active/Standby Failover or Active/Active Failover if doing virtualization.

Federico.

imranraheel Sun, 04/11/2010 - 13:50

Thnaks for the update guys. Basically my Current net

work is like,

Internet

     >
     >

    ASA

     >

     <

     3750

Also i have a single WAN cable from the service provider directly connected to the ASA(Primary Interface), how can i connetc a failover ASA, whould i be requiring another WAN interface link from Service provider ?

Actions

This Discussion