09-29-2010 11:13 AM - edited 03-11-2019 11:47 AM
Hi All,
i have Active - Active firewall and want to change the firewall virtual MAC address.!!!
is it possible ?? and if it is ,how can i do it??
Thanks in advance,
Ayman
Solved! Go to Solution.
09-29-2010 11:25 AM
Hi Ayman,
Yes, you can do this with the 'mac address' command. Here is the command reference;
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897
Hope that helps.
-Mike
09-29-2010 11:36 AM
Hi Ayman,
Yes, you would do it within the failover group. Here is an example from the command reference:
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897
hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit
Hope that helps.
-Mike
09-29-2010 12:42 PM
Hi Ayman,
Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.
Hope that helps.
-Mike
09-29-2010 11:25 AM
Hi Ayman,
Yes, you can do this with the 'mac address' command. Here is the command reference;
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897
Hope that helps.
-Mike
09-29-2010 11:33 AM
HI mike,
the commands are in active- standby mode.
is it applied also in active - actvie mode.
thanks
Ayman
09-29-2010 11:36 AM
Hi Ayman,
Yes, you would do it within the failover group. Here is an example from the command reference:
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/m.html#wp2026897
hostname(config)# failover group 2
hostname(config-fover-group)# secondary
hostname(config-fover-group)# preempt 100
hostname(config-fover-group)# mac address e1 0000.a000.a011 0000.a000.a012
hostname(config-fover-group)# exit
Hope that helps.
-Mike
09-29-2010 12:00 PM
Thanks Mike it really helps
many many thanks
Ayman
09-29-2010 12:15 PM
Hi mike,
this will change the secondary MAC address only.
can i do this commands for the primary group also.
Regards,
Ayman yehia
09-29-2010 12:42 PM
Hi Ayman,
Yes, you can do this command for either failover group while you are in (config-fover-group)# mode.
Hope that helps.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide