Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA multi-site configuration question

We have just had two internet lines installed and active 20mb and a backup 2mb. The two lines are in different sites connected by a LES 1000 for Disaster recovery - both sites are in the same town.

I need to configure some ASA firewalls to support the lines and have the one on the 20mb active with another on the 2mb passive. As far as I can see there are two ways of doing this.

1. Use LAN-based failover with one firewall on each site.

2. Keep the firewalls seperate broadcast routes into my ospf network (as a /32 address) with different costs to ensure traffic always goes to the primary device.

As an added complication the devices will be running IPSec VPNs.

Any advise of how best to proceed would be very useful.

I have attached a diagram of the current plan for information.

Giles Cooper


Re: ASA multi-site configuration question

The configuration guide for configuring firewaal on ASA is present in the following url which will be useful to you in configuring firewall on ASA.Examples of configs are also present.

CreatePlease to create content