cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1309
Views
0
Helpful
3
Replies

ASA Virtual MAC issue

Tony MALPASS
Level 1
Level 1

i have a failover pair of ASA 5520 running ver 8.2. When the primary fails the secondary gets to use primarys Ip and mac address. If the  new primary is now re-booted i lose network connectivity. This is because its now using its burned-in mac address. The question i have is this...can i once the seconday has become the primary use the "mac-address" command on the interfaces and assign it the virtual mac address that is being used at present.This is so that when this box is rebooted it will use this mac address and not cause any network issues.?

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

Yes, you can definitely use the virtual MAC address to prevent the network outage as described.

Here is a little further explaination of the virtual MAC address for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_active_standby.html#wp1097271

Hope that answers your question.

Nagaraja Thanthry
Cisco Employee
Cisco Employee

Hello,

You can just use the virtual MAC instead of real MAC for the failover setup.

Failover mac address 00C1.1111.1111 00C1.2222.2222

In this example, the active device will assume the MAC of 00C1.1111.1111 for the interface and the standby will assume the other MAC. When the failover happens, the new active device takesover the MAC. In this way, even if the other device comes up, it will either use its burned in MAC or the secondary MAC.

Hope this helps.

Regards,

NT

Will it cause issues if the burned in mac addresses are used as the virtual mac addresses? Or will the cause issues in the case where the secondary comes up first and assumes the active state using the mac addresses off the primary? Some delay in applying the virtual mac addresses or something on the primary?

Or is it a better idea to define your own random mac addresses and use those instead as the virtual mac addresses?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: