Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Active/Standby failover


I am trying to setup two pairs of ASA 5510s which they will both be setup as Active/Standby. The failover interfaces will be connected via Ethernet to the same switch. Do the interfaces need to be on separate individual VLANs on the switch to work properly? Or do they only need to be on different IP subnets.

Reason I am asking is because the 2 pairs will not stay synchronized as a pair and I can't figure out why. The configs for each pair are identical as is the hardware, but the standby will always lose connection and default back to "ActNoFailOver" or "StdbyNoFailOver" status.

please help!

Cisco Employee

Re: Active/Standby failover

It is better if they are in a dedicated vlan because that vlan should not be seeing all kinds of broadcast packets etc since it is used for the failover communication. That is a recommendation though, not a requirement. Putting them in a vlan that is passing regular data will also work.

For the issue you are seeing you can do "sh fail history" to try to see why it is happening. It could be an interface mismatch.

I hope it helps.


CreatePlease to create content