06-15-2010 06:17 AM - edited 03-11-2019 10:59 AM
Hi all,
I have a doubt.
I have 2 Cisco ASA5510 which are not identical.
Failover seems to work, with sh failover I have this situation
This host: Primary - Active
Active time: 2803 (sec)
slot 0: ASA5510 hw/sw rev (1.1/8.2(1)11) status (Up Sys)
Interface inside (10.11.5.102): Normal
Interface management (192.168.1.1): No Link (Waiting)
slot 1: empty
Other host: Secondary - Standby Ready
Active time: 7513 (sec)
slot 0: ASA5510 hw/sw rev (2.0/8.2(1)11) status (Up Sys)
Interface inside (10.11.5.101): Normal
Interface management (0.0.0.0): No Link (Waiting)
slot 1: empty
The secondary has 1024MB of RAM (flash 256MB), the primary has 256MB of RAM (=flash).
Could I have any problem because of these differences?
06-15-2010 06:21 AM
Hi,
The supported and recommended failover scenario from cisco is when you have both ASAs with exactly the same hardware and licenses (prior to 8.3).
So, the chassis, interfaces, RAM has to match. (flash not necessarily).
Both units should have the same licenses and same major software image.
Federico.
06-15-2010 03:37 PM
The ASAs will currently not check the RAM for failover. So they will be able to establish it fine.
I don't think you want to run it like this though, because in case you failover to the guy that has 256MB of RAM you might end up having issues and practically not be fully redundant.
I hope it helps.
PK
06-16-2010 06:59 AM
I configured as primary the firewall with less RAM.
In this way I am sure that, if failover happens, RAM on the secondary is not a problem.
06-16-2010 07:36 AM
Hmm, not the cleanest solution, but it makes sense.
Please rate helpful posts.
Rgs,
PK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide