5510 redundancy question

Unanswered Question
Aug 25th, 2010

setting up redundant 5510's with an outside interface an inside interface and a dmz interface.  The question is, will the standby unit go to active if ANY of the 3 interfaces goes down?  i.e. if the primary interface f0/2 nameif dmz goes down, will the standby unit go active?  or does it take the inside or outside interface for to go down before it switches over?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Allen P Chen Wed, 08/25/2010 - 15:12

Hello,

By default, a single interface failure causes failover.  You can specify a  specific number of interfaces or a percentage of monitored interfaces  that must fail before a failover occurs.

To change the default failover criteria, enter the following command in global configuration mode:

hostname(config)# failover interface-policy num[%]

This is mentioned in the ASA configuration guide here:

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/configuration/guide/failover.html#wp1075905

Hope that helps!

w951duu Wed, 08/25/2010 - 15:16

So by default, any single interface failing will cause fail over? (which is what I want)

Allen P Chen Wed, 08/25/2010 - 15:26

Hello,

Yes, that is correct.  By default, if a failure occurs on any single interface that is being monitored, a failover will occur.

Are you using physical interfaces on the ASA or logical subinterfaces?  If you are using physical interfaces, then by default all physical interfaces are monitored for failover.  This is mentioned here:

By default, monitoring physical interfaces is enabled and monitoring subinterfaces is disabled.

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/configuration/guide/failover.html#wp1073911

If you are using logical subinterfaces, then you will specially need to enable monitoring with the command:

monitor-interface

Thanks!

Actions

This Discussion