Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA5510 Port Failover

Hi

I have an ASA5510 and I would like to implement something like this: have two ports patched in and ready but only one active, the other one in standby (when the first one goes down the other port comes up and all the traffic goes down this way), all these on one physical box. So, it's basically like port failover on the same box. I hope it makes sense.

Has anyone done this before? How do you achieve this?

Many thanks

Elena

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions

ASA5510 Port Failover

Hi There

Yes, you can have 2 physical Ethernet ports within a Cisco ASA connected to your Cisco Switch in FORWARDING and BLOCKING state. In the event, the port that’s in FORWARDING state goes DOWN, the other port that was previously in BLOCKING state, will now start to FORWARD the network traffic. This method is called Cisco ASA Redundant interface and the delay values are configurable.

However, if you were to ask me personally, I would rather opt for both links to be ACTIVE. This can be done in a Cisco ASA with v8.4 and above. This method is called Cisco ASA EtherChannel. The above method Cisco ASA Redundant interface, is old school, if you know wat I mean :-)

Listed below are URLs for your further reference;

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838

https://supportforums.cisco.com/thread/228123

P/S: If you think this comment is useful, please do rate them nicely :-) and select the option “This Question is Answered”

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
1 REPLY

ASA5510 Port Failover

Hi There

Yes, you can have 2 physical Ethernet ports within a Cisco ASA connected to your Cisco Switch in FORWARDING and BLOCKING state. In the event, the port that’s in FORWARDING state goes DOWN, the other port that was previously in BLOCKING state, will now start to FORWARD the network traffic. This method is called Cisco ASA Redundant interface and the delay values are configurable.

However, if you were to ask me personally, I would rather opt for both links to be ACTIVE. This can be done in a Cisco ASA with v8.4 and above. This method is called Cisco ASA EtherChannel. The above method Cisco ASA Redundant interface, is old school, if you know wat I mean :-)

Listed below are URLs for your further reference;

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1045838

https://supportforums.cisco.com/thread/228123

P/S: If you think this comment is useful, please do rate them nicely :-) and select the option “This Question is Answered”

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
340
Views
0
Helpful
1
Replies
CreatePlease to create content