Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
437
Views
0
Helpful
1
Replies

ASA5520 and Cisco 2821 HSRP peers

Go to solution
fsebera
Level 4
Level 4

‎07-28-2010 06:49 AM - edited ‎03-11-2019 11:17 AM

I have a need for out-of-the-box setup.

I need my ASA5520 and Cisco 2821 router to peer via HSRP.

The ASA5520 should always be ACTIVE and processing ALL traffic unless the ASA5520 is down (determined via IP SLA, BOOLEAN logic) and then the router becomes the active peer.

Anytime the HSRP peer router is active, the router should forward traffic to the backup site.

The backup site will have the same setup as primary so both sites can be active/active full time.

Asymetric routing issue will not be an issue in this specific case but thanks for thinking about this issue too.

FYI, I have pasted this in Routing and switching fourm too.

Comments please!!!

Thanks

Frank

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nagaraja Thanthry
Cisco Employee
Cisco Employee

‎07-28-2010 06:56 AM

Hello,

The firewall cannot participate in HSRP. In order to achieve what you are

looking for, the best approach in my opinion is to configure the router as

default gateway for your network. On the router you can configure a floating

default route pointing to the ASA and have another default route that points

to the remote site. You can track connectivity to ASA's default gateway

through IP SLA. So, if the ASA goes down the object tracking will force the

router to remove the floating static route and send all traffic to remote

destination.

Hope this helps.

Regards,

NT

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Nagaraja Thanthry
Cisco Employee
Cisco Employee

‎07-28-2010 06:56 AM

Hello,

The firewall cannot participate in HSRP. In order to achieve what you are

looking for, the best approach in my opinion is to configure the router as

default gateway for your network. On the router you can configure a floating

default route pointing to the ASA and have another default route that points

to the remote site. You can track connectivity to ASA's default gateway

through IP SLA. So, if the ASA goes down the object tracking will force the

router to remove the floating static route and send all traffic to remote

destination.

Hope this helps.

Regards,

NT

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card