Is it possible to connect two ASAs in active active manner as shown in the attached diagram? Can I assign same subnet addresses to two interfaces on an ASA?
Alternatively, does the current ASA code allow the same VLAN ID to be used across two interfaces?
What I mean is, on the ASA can we use an SVI (VLAN interface) instead of a physical interface and then assign two or more physical ports to the 'inside' VLAN and connect each port back to the core/distribution layer, I was wondering if this is technically feasible?
Pls advise. I had posted this in general but doesn't seem to get the due audience so am taking the liberty of posting it again here!!
All I wanted to ask was that the connectivity between ASA 5540s in the attached design diagram (each ASA seems to be multihomed to switches) and connected to one router at the enterprise edge, practially doable?
This design has been provided to us by a consultant who insists that this can be done but according to my knowledge, we cannot assign same subnet IPs to two interfaces on a Firewall.
Yes...as you suggested, I can use Active/Active Failover design but that design will not look like this.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :