We are replacing all of our PIX firewalls in our main data center with ASA 5550s. We have 7 pairs of the 5550s, what would be the best design scenario to setup the LAN/Stateful failover connection? The documentation states, you can have it plugged between each other or in a dedicated switch as long as there are no hosts, routers or security appliances on the same segment as the failover link.
We are thinking of having them plugged into a stack of 3750E switches, since we have the available ports on them. The primary firewall will plug into one of the switches in the stack and the secondary into the other switch in the stack with separate vlans for all of the pairs. Are there any issues with having them plugged into a cross stack?
as long as the failover/stateful interfaces have network connectivity to each other, it's fine. i don't recommend connecting them directly with a crossover though be/c it results in unpredictable behavior if one goes down - then the other thinks it's failover interface is down also.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...