Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

3 ASA firewalls in failover or cluster??

We have 2 sites with 2 ASA 5520s on Site A and a 3rd ASA 5520 on Site B.

We have the 2 ASAs at Site A set as Active/Passive failover.

We would like the firewall at Site B to also be part of this failover in the event of Site A being unavailable. Is this possible?

We have a dedicated link between the 2 sites so linking the firewalls for heartbeats etc.. is not an issue.

Is this a valid setup? Is there a better way to achieve this?

1 REPLY
New Member

Re: 3 ASA firewalls in failover or cluster??

This is not possible. You're better off using routing to control ourbound routing around a failure. Use object tracking to generate the default route and redistribute into your IGP.

On the outside NAT to unique address space and you're good to go.

237
Views
0
Helpful
1
Replies
CreatePlease to create content