I'm trying to configure Active/Active on 2 new ASA5525s using the Wizard. Just to begin, G0/3 on both ASA5525s is connected to a dumb switch and configured with LAN IP 10.1.1.1/24 & 10.1.1.2/24 respectively. ASDM has been enabled on that LAN interface and both units can reach each other.
When I tried to use the HA Wizard, it failed at Step 2 of 7, as shown in the attached screenshot.
Appreciate your kind advice on this. What other initial configurations need to be done?
From my PC, I can reach both firewalls and connect via ASDM directly. So, you're saying I need to add 'ssl encryption aes256-sha1' for the ASDM peer testing to work properly? Because for my PC to connect to the firewall ASDM, I've changed the encryption to rc4-sha1. So, would it be best if I enable all the encryption?
Yes, the primary firewall can reach the secondary firewall via ping. I've also tested the HA setup using the CLI and it is working fine. I just want to solve the problem of why the wizard is not working.
Anyway, before starting the wizard, I only connect port 1 of the primary firewall to port 1 of the secondary firewall, configure an IP, and both are able to ping each other. Then, I just connect to ASDM via the management port of the primary firewall to start the wizard.