Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5510 ASA5510-K8 LAN Failover

Can these 2 models do LAN failover provided images and licensing are correct? The firewalls are identical except for the show version models, one is the "K8" variant, whatever that is.



Re: ASA5510 ASA5510-K8 LAN Failover

New Member

Re: ASA5510 ASA5510-K8 LAN Failover

Thanks for your reply. The referenced doc really doesn't say if the asa5510 and the asa5510-k8 are interoperable as regards failover. Have you set this up using the models in question?


Re: ASA5510 ASA5510-K8 LAN Failover

The ASA5510 and the ASA5510-K8 are the same hardware models. They both need to run the exact same OS for failover. Upgrade to 8.2(x) if possible.

FIREWALL# sh ver

Cisco Adaptive Security Appliance Software Version 8.2(1)

Compiled on Tue 05-May-09 22:45 by builders

System image file is "disk0:/asa821-k8.bin"

Config file at boot was "startup-config"

FIREWALL up 26 days 4 hours

failover cluster up 1 year 21 days

Hardware: ASA5510-K8, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

Slot 1: ATA Compact Flash, 64MB

BIOS Flash AT49LW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode : CN1000-MC-BOOT-2.00

SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04

0: Ext: Ethernet0/0 : address is 0019.e8d9.46f2, irq 9

1: Ext: Ethernet0/1 : address is 0019.e8d9.46f3, irq 9

2: Ext: Ethernet0/2 : address is 0019.e8d9.46f4, irq 9

3: Ext: Ethernet0/3 : address is 0019.e8d9.46f5, irq 9

4: Ext: Management0/0 : address is 0019.e8d9.46f1, irq 11

5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11

6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 100

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

SSL VPN Peers : 2

Total VPN Peers : 250

Shared License : Disabled

AnyConnect for Mobile : Disabled

AnyConnect for Linksys phone : Disabled

AnyConnect Essentials : Disabled

Advanced Endpoint Assessment : Disabled

UC Phone Proxy Sessions : 2

Total UC Proxy Sessions : 2

Botnet Traffic Filter : Disabled

This platform has an ASA 5510 Security Plus license.

Serial Number: 99999999

Running Activation Key: XXXX XXXX XXXX XXXX XXXX

FW# sh fail state

State Last Failure Reason Date/Time

This host - Primary

Active None

Other host - Secondary

Standby Ready Comm Failure 06:10:17 CST May 17 2009

====Configuration State===

Sync Done

Sync Done - STANDBY

====Communication State===

Mac set