Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

any actual problem with using xover for lan based failover?

Has anyone had any actual problem as a result of using a crossover cable for LAN based failover between ASAs?

The documentation "recommends" that you do not use a xover but rather than you go through a switch but this seems like a bunch of unnecessary hassle.

Your thoughts?

4 REPLIES

Re: any actual problem with using xover for lan based failover?

Hi,

We have 2 pairs of ASAs using Xover cables for failover. We even experiences a failover with no issues.Do not see a specific reason to use switch.

hth

MS

Gold

Re: any actual problem with using xover for lan based failover?

Its better to use a switch because if one firewall goes down, so does the failover interface on the active firewall, when using the x/over cable. That's not to say it won't work with the x/over cable - it's just better not to. I've done it both ways with equal success though.

Community Member

Re: any actual problem with using xover for lan based failover?

thats kinda what I figured....one FO interface fails and neither firewall knows if it is the bad one or the good one..?

Community Member

Re: any actual problem with using xover for lan based failover?

I was just thinking about this and it seems kind of pointless...you will have the same problem if the switch that both FO interfaces are plugged into fails because both FWs will see their FO interface go down.

So its just a question of which fails more frequently? A switch or a FW interface?

I have never seen a PIX interface fail so...im gonna say the switch.

120
Views
0
Helpful
4
Replies
CreatePlease to create content