Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Active/active, or active/standby?

I have a new order for ASA with failover to be programmed. There will be two ASA5510, and an ASA5505 behind them. The requirements are CSC, S2S VPN, and client VPN. I will be routing a subnet of public IP's through the ASA to the 5505 which will be at another location on an MPLS network behind the ASA's.

So the question is, I see that A/A doesn't support VPN failover, but A/S does. Does that mean that in context mode, the VPN tunnel wont reconnect if a context fails over, IE only one context can be the VPN endpoint? I want to make sure I use the correct programming before I get started, since this is basically my first live failover configuration, up til now, all my programing has been on single units.

1 REPLY
Cisco Employee

Re: Active/active, or active/standby?

Does that mean that in context mode, the VPN tunnel wont reconnect if a context fails over, IE only one context can be the VPN endpoint?

ANS :

A/A failover does not even support vpn termination on ASA.

So,with vpn's your only option in active/standby failover.

Check :

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/contexts.html#wp1116132

Check : unsupported features section.

Do rate helpful posts.

Regards,

Sushil

280
Views
0
Helpful
1
Replies
CreatePlease to create content