I dont know if this is the right place but Failover

Unanswered Question
Aug 7th, 2010
User Badges:

I have 2 ASA 5520's set

up in Active Passive failover. All the ports have ip's as required and all the ports are b

eing monitored. Question.. If it failes to the second firewall will all the same port IP's a

nd access to vlans be the same?

also access to the managment network?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ufuk guler Sat, 08/07/2010 - 13:33
User Badges:

Hello Perry,

                If your primary firewall fails, secondary firewall will undertake all active configurations. That means secondary firewall works with existing ip addresses which are assigned to primary firewall.

Ufuk Guler

Magnus Mortensen Sat, 08/14/2010 - 19:39
User Badges:
  • Cisco Employee,

Perry, to follow up with what Ufuk said, if a failover occurs, the 'now active' firewall will start using the active IPs and MACs. The firewall will then send out a gratuitous arp so that all the switches know that the active MAC now resides on the port connected to the 'now active' firewall. The failover should be seamless to the end users.   - Magnus

Posted from my mobile device.


This Discussion