Active-Active firewall and virtual MAC address

Answered Question
Sep 29th, 2010

Hi All,

i have Active - Active firewall and want to change the firewall virtual MAC address.!!!

is it possible ?? and if it is ,how can i do it??

Thanks in advance,

Ayman

I have this problem too.
0 votes
Correct Answer by mirober2 about 6 years 3 months ago

Hi Ayman,

Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.

Hope that helps.

-Mike

Correct Answer by mirober2 about 6 years 3 months ago

Hi Ayman,

Yes, you would do it within the failover group. Here is an example from the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897

hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit

Hope that helps.

-Mike

Correct Answer by mirober2 about 6 years 3 months ago

Hi Ayman,

Yes, you can do this with the 'mac address' command. Here is the command reference;

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897

Hope that helps.

-Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
ayman emara Wed, 09/29/2010 - 11:33

HI mike,

the commands are in active- standby mode.

is it applied also in active - actvie mode.

thanks

Ayman

Correct Answer
mirober2 Wed, 09/29/2010 - 11:36

Hi Ayman,

Yes, you would do it within the failover group. Here is an example from the command reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897

hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit

Hope that helps.

-Mike

ayman emara Wed, 09/29/2010 - 12:15

Hi mike,

this will change the secondary MAC address only.

can i do this commands for the primary group also.

Regards,

Ayman yehia

Correct Answer
mirober2 Wed, 09/29/2010 - 12:42

Hi Ayman,

Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.

Hope that helps.

-Mike

Actions

This Discussion