cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
487
Views
0
Helpful
1
Replies

ASA Active/Passive.. Pre Wizard config question.


Hi All,

I have a quick question regarding configuring active/passive failover.

Lets say I have 2 5510's.

I plan on using;

1 interface for lan failover(LANFAIL)
1 interface for  statefull failover (STATEFULLFAIL)

I already have a bunch of other interfaces(physical/logical) configured

outside
dmz

and subinterfaces on my inside networks, i.e

e0/1.2
e0/1.3
e0/1.4
.
.
.
etc


Now I seem to be reading conflicting documentation regarding what configuration I need to configure BEFORE I run the highscalability wizard.


Do I just need to configure a single IP on my secondary firewall say on e0/1.2 on the same lan as e0/1.2 on my primary and ensure that my laptop can reach it for ASDM?

OR do I have to configure a "secondary IP" for each interface configured on the primary? or is this only neccessary for those interfaces I wish to "manage" the secondary firewall through? The reason I ask is because I have a lot of subnets configured.

Also do I need to configure IP addressing on my lan failover and statefull failover interfaces? or is that just done as part of the high scalability wizard?


Many thanks.

1 Reply 1

Jitendriya Athavale
Cisco Employee
Cisco Employee

you will need to give primary and secondary ip on all interfaces

all you need to do on the secondary is to put those 6 to 7 commands

here is the doc

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: