Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA Active/Passive.. Pre Wizard config question.


Hi All,

I have a quick question regarding configuring active/passive failover.

Lets say I have 2 5510's.

I plan on using;

1 interface for lan failover(LANFAIL)
1 interface for  statefull failover (STATEFULLFAIL)

I already have a bunch of other interfaces(physical/logical) configured

outside
dmz

and subinterfaces on my inside networks, i.e

e0/1.2
e0/1.3
e0/1.4
.
.
.
etc


Now I seem to be reading conflicting documentation regarding what configuration I need to configure BEFORE I run the highscalability wizard.


Do I just need to configure a single IP on my secondary firewall say on e0/1.2 on the same lan as e0/1.2 on my primary and ensure that my laptop can reach it for ASDM?

OR do I have to configure a "secondary IP" for each interface configured on the primary? or is this only neccessary for those interfaces I wish to "manage" the secondary firewall through? The reason I ask is because I have a lot of subnets configured.

Also do I need to configure IP addressing on my lan failover and statefull failover interfaces? or is that just done as part of the high scalability wizard?


Many thanks.

1 REPLY
Cisco Employee

Re: ASA Active/Passive.. Pre Wizard config question.

you will need to give primary and secondary ip on all interfaces

all you need to do on the secondary is to put those 6 to 7 commands

here is the doc

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

352
Views
0
Helpful
1
Replies
CreatePlease to create content