Active-Active firewall and virtual MAC address

Answered Question
Sep 29th, 2010
User Badges:

Hi All,



i have Active - Active firewall and want to change the firewall virtual MAC address.!!!


is it possible ?? and if it is ,how can i do it??



Thanks in advance,


Ayman

Correct Answer by mirober2 about 6 years 8 months ago

Hi Ayman,


Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.


Hope that helps.


-Mike

Correct Answer by mirober2 about 6 years 8 months ago

Hi Ayman,


Yes, you would do it within the failover group. Here is an example from the command reference:


http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897


hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit


Hope that helps.


-Mike

Correct Answer by mirober2 about 6 years 8 months ago

Hi Ayman,


Yes, you can do this with the 'mac address' command. Here is the command reference;


http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897


Hope that helps.


-Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
ayman emara Wed, 09/29/2010 - 11:33
User Badges:

HI mike,


the commands are in active- standby mode.


is it applied also in active - actvie mode.



thanks


Ayman

Correct Answer
mirober2 Wed, 09/29/2010 - 11:36
User Badges:
  • Cisco Employee,

Hi Ayman,


Yes, you would do it within the failover group. Here is an example from the command reference:


http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897


hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit


Hope that helps.


-Mike

ayman emara Wed, 09/29/2010 - 12:15
User Badges:

Hi mike,


this will change the secondary MAC address only.


can i do this commands for the primary group also.



Regards,


Ayman yehia

Correct Answer
mirober2 Wed, 09/29/2010 - 12:42
User Badges:
  • Cisco Employee,

Hi Ayman,


Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.


Hope that helps.


-Mike

Actions

This Discussion