Just need some reassurance on the set up of failover for ASA 5510.
Due to the limitations on Public IP Address I have only been allocated 1 usable IP address for the outside interface. I am sure that for Failover that the only unique IP address on each unit if on the management interface to allow for the state tables and configuration to be shared.
I did the course around a year and a half ago and have not had the opportunity to work on once since, however a lot of the guides on cisco show that the ASA use a unique IP on all the interfaces.
At the moment the customer has a single PIXwith an IP (eg) 220.127.116.11 on this there is a /29 network. default gateway is 18.104.22.168
As there are no spare IP address within that range on the outside interface I was hoping that the primary would have the IP of 22.214.171.124 on the outside interface and that I would not need to set an unique IP on the Secondary ASA outside; it would only assume the IP address of 126.96.36.199 in the event of the primary failing. If this is not possible the customer will need to obtain a new block of public IPs
I can put unique private IPs for the management Interfaces to transfer state tables/configs etc and for the LAN default gateways my issue is only on the outside interface
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...