04-08-2010 04:33 PM - edited 03-11-2019 10:30 AM
I have a
single ASA 5510 as a main Firewall , on the edge of my network. in case of any outage the of the firewall the complete network goes down, now i want to connect another ASA, so i have redudency . Which is the best possible method also if i go for ASA failover feature in place of HSRP do i have to get additional licence?
Solved! Go to Solution.
04-11-2010 01:57 PM
You would want a switch on the outside of the ASA as well. Some people have two for redundancy.
You would plug both the ASAs and the router on to this switch on the outside.
Follow sample here: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_examples.html#wp1028629
-KS
04-08-2010 04:35 PM
Hi,
Both ASAs should be indentical in terms of hardware and licenses.
The software version is not a requirement to match.
So, if your 5510 has a module or a license, the new 5510 should have them as well.
Regarding the configuration you can have the normal Active/Standby Failover or Active/Active Failover if doing virtualization.
Federico.
04-08-2010 07:05 PM
You can review this link for failover requirements:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_overview.html#wp1077521
-KS
04-11-2010 01:50 PM
Thnaks for the update guys. Basically my Current net
work is like,
Internet
>
>
ASA
>
<
3750
Also i have a single WAN cable from the service provider directly connected to the ASA(Primary Interface), how can i connetc a failover ASA, whould i be requiring another WAN interface link from Service provider ?
04-11-2010 01:57 PM
You would want a switch on the outside of the ASA as well. Some people have two for redundancy.
You would plug both the ASAs and the router on to this switch on the outside.
Follow sample here: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_examples.html#wp1028629
-KS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide