Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA at DR site

Hi there,

Any ideas on how to keep ASA at DR site in sync?

Thanks

Naresh

Sent from Cisco Technical Support iPhone App

4 REPLIES

ASA at DR site

Hi Naresh,

This depends on how you want to design your DC and DR centres.... Based on the infra what you have in DC and DR can answers your question. In most of the DC and DR setup we have 2 Pairs of ASA which is running in HA (Act/Stdby or Act/Act) failover mechanisms. Thats up to you how u want to have a design for your DC and DR.

I suggestyou to have the routing to be configured in such a way that if the DC firewalls goes down it should get routed to the DR firewalls which can take the traffic further. Else an another way is to have the HA between the DC and DR which is an another way. You can refer the below document which will have some brief overview about the datacentre setup and scenario's.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/design_guide_c22-624431.html

New Member

ASA at DR site

Hi there,

   Thanks for the response. Sorry I should have been more clear. I do have redundancy of hardware. As DR site is in a geographically separate location, when I make changes to the primary site, is there a way to sync ASA at DR site? Currently I have to make changes manually.

Thanks

--Naresh

VIP Purple

ASA at DR site

The Cisco Security Manager (CSM) as an enterprise management system could help you to keep your configs in sync for your changes.

http://www.cisco.com/en/US/partner/products/ps6498/index.html

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Re: ASA at DR site

Thanks, anyway I can avoid using CSM and still be able to do it?

Sent from Cisco Technical Support iPhone App

411
Views
0
Helpful
4
Replies
CreatePlease login to create content