Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
349
Views
4
Helpful
5
Replies

ASA Primary / Secondary ( Active / Failover ) part number required

zeshan_un_nabi
Level 1
Level 1

‎08-07-2014 05:12 AM - edited ‎03-11-2019 09:35 PM

Hi,

I have Cisco ASA 5520 with VPN Plus license. I have to procure second unit and run it as Failover / Secondary unit.

what ASA part number should I buy so that I may have active / failover functionality with my above existing unit.

should i consider "ASA5520-BUN-K9" ?

Labels:
0 Helpful
5 Replies 5

nkarthikeyan
Level 7
Level 7

‎08-08-2014 11:47 AM

Hi Zeshan,

Answer for your question.

Q. Do I need to buy the same licenses for the secondary unit in a failover pair?

A. No. Starting with Version 8.3(1), you do not have to have matching licenses on both units. Typically, you buy a license only for the primary unit; the secondary unit inherits the primary license when it becomes active. In the case where you also have a separate license on the secondary unit (for example, if you purchased matching licenses for pre-8.3 software), the licenses are combined into a running failover cluster license, up to the model limits.

 

Encryption license—Both units must have the same encryption license.

 

Regards

Karthik

zeshan_un_nabi
Level 1
Level 1
In response to nkarthikeyan

‎08-10-2014 10:46 PM

Hi Karthik,

Thanks for your reply.

so it means that if i purchase "ASA5520-BUN-K9" with VPN plus license then i would be able to run my ASAs as primary / Secondary ( Active / Failovers ) units. I am talking about pre-8.3 software version. My ASA Software version is 7.2 and i also want to keep it same on new ASA unit because i am not comfortable with 8.3 or higher.

if above understanding is not correct then please let me know the model/part number details that i need to buy for my secondary ASA to run in active / failover senario.

 

0 Helpful

nkarthikeyan
Level 7
Level 7
In response to zeshan_un_nabi

‎08-10-2014 10:51 PM

HI Zeshan,

Yeah. Your understanding is correct... But as Marvin commented, that is an EOL/EOS announced model, you might not get the required new one via authorized channels.....

Pre-8.3 version - You should have the exact matching features/license on both devices....

 

Regards

Karthik

0 Helpful

zeshan_un_nabi
Level 1
Level 1
In response to nkarthikeyan

‎08-10-2014 11:03 PM

Thanks Karthik for explanation.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-08-2014 06:59 PM

Karthik is correct in general.

However, the ASA 5520 is end of sales since Fall 2013. You will not be able to buy a new one via authorized Cisco channels.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card