Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA failover after upgrading one license key

hi

I have 2 ASA 8.2(5) firewalls for failover.

ASA 1 for active and ASA 2 for standby.

and,

in order to get ssh AES function I upgraded ASA 1 license key.

but the failover is off since now the software between 2 firewalls is not the same.

(after that I configure some thing new on ASA 1 as well)

I want to upgrade the license key for ASA 2.

so that the failover can work again.

do I need to clear failover configuration on ASA 2 first then upgrade the license key on it?

(in case the ASA 2 becomes active and replicates its configuration to ASA 1)

or should I configure "no failover active" on ASA 2 to avoid it to be active role?

I am new on this issue.

so please do me a favor.

Thank you very much,

  • Firewalling
1 ACCEPTED SOLUTION

Accepted Solutions

ASA failover after upgrading one license key

Hi.

do I need to clear failover configuration on ASA 2 first then upgrade the license key on it?

(in case the ASA 2 becomes active and replicates its configuration to ASA 1)

or should I configure "no failover active" on ASA 2 to avoid it to be active role?

No need to remove the configuration, just do no failover and then failover.

NOTE: Starting on 8.3.1 and higher versions you do not need to have the same licenses on both boxes, so this issue will never happen again.

Example: You upgrade the license on the primary unit... Then the new license will be shared between both units.

And the cool thing is that: If you have one license on the primary for 10 SSL users and on the secondary for 2 SSL users then they will merged as a license for  12 SSL users on the primary unit.

When failover happens the new primary will use the 12 SSL user license.

Cool stuff right

For Networking Posts check my blog at http://laguiadelnetworking.com/


Cheers,

Julio Carvajal Segura

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
2 REPLIES

ASA failover after upgrading one license key

Hi.

do I need to clear failover configuration on ASA 2 first then upgrade the license key on it?

(in case the ASA 2 becomes active and replicates its configuration to ASA 1)

or should I configure "no failover active" on ASA 2 to avoid it to be active role?

No need to remove the configuration, just do no failover and then failover.

NOTE: Starting on 8.3.1 and higher versions you do not need to have the same licenses on both boxes, so this issue will never happen again.

Example: You upgrade the license on the primary unit... Then the new license will be shared between both units.

And the cool thing is that: If you have one license on the primary for 10 SSL users and on the secondary for 2 SSL users then they will merged as a license for  12 SSL users on the primary unit.

When failover happens the new primary will use the 12 SSL user license.

Cool stuff right

For Networking Posts check my blog at http://laguiadelnetworking.com/


Cheers,

Julio Carvajal Segura

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

ASA failover after upgrading one license key

thank you so much for the answer.

I will configure it and ask again if there is another issue.

thanks,

136
Views
0
Helpful
2
Replies