ASA 5520 HA Question

Answered Question
Feb 20th, 2012
User Badges:

Here is the scenario,


We have 2x ASA 5520's in an HA pair (Active/Standby), we need to connect the outside interfaces to two other ASA 5520 also in an HA pair (Active/Standby).


My question is can the outside interfaces from the first pair of ASA's be connected directly to the outside interfaces of the other ASA, or do the outside interfaces of each local pair need to be able to talk to one another?

Correct Answer by Amit Rai about 5 years 5 months ago

outside interfaces on the ASA need to poll each other in active/standby failover pair to be sure that they are up and running. if you connect them directly to another pair of the ASA outside interfaces they wont be able to talk to each other.


you should have a switch in between the ASA pairs that will make it work.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Amit Rai Mon, 02/20/2012 - 06:33
User Badges:

outside interfaces on the ASA need to poll each other in active/standby failover pair to be sure that they are up and running. if you connect them directly to another pair of the ASA outside interfaces they wont be able to talk to each other.


you should have a switch in between the ASA pairs that will make it work.

zac192000 Mon, 02/20/2012 - 21:47
User Badges:

Use a switch and give two static routes one of primary next hop Asa with higher metric and the other static route must be for failover route....


Sent from Cisco Technical Support iPad App

Actions

This Discussion