Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Assigning Interfaces for ASA 5510

Hi,

I'm setting up two 5510's.

e0/0 and e0/1 are GIG

e0/2 e0/3 and management are 100Mb

At the moment I have my outside assigned to e0/0 and inside on e0/1.

I was wondering if its ok to use on of the 100Mbs ports for the stateful failover connection or is that strongly reccomended against?

I want to keep the inside interface as GIG as it is connected to gig switches and doing inter vlan routing. So theres a lot of traffic going between sub interfaces.

I guess the other option is to conifgure the outside as 100mb. This is our internet link.

Any suggestions are very much appreciated.

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Assigning Interfaces for ASA 5510

You are correct. Because of CPU limitation, you can use the 100Mbps interface, however, I would still recommend you to use the fastest interface if you also have the additional 4 port interface module.

4 REPLIES
Cisco Employee

Re: Assigning Interfaces for ASA 5510

For stateful failover link, it is strongly recommended to use the fastest interface of the ASA especially if you have a lot of traffic. Otherwise, it will not

cope with the replication of the states if you are not using the fastest interface of the ASA.

Here is the URL for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/failover.html#wp1051759

(scroll down to the "Failover Interface Speed for Stateful Links" section)

Hope that helps.

Community Member

Re: Assigning Interfaces for ASA 5510

Thanks Halijenn

What is confusing me is the following from the link you provided.

"

Cisco ASA 5510 and PIX 525

Stateful link speed can be 100 Mbps,  even though the data interface can operate at 1 Gigabit due to the CPU  speed limitation.

"

Is this stating I can just use the 100Mb interface because the CPU limitation is restricting the speed of the failover information to 100Mbs only?

Thanks.

Cisco Employee

Re: Assigning Interfaces for ASA 5510

You are correct. Because of CPU limitation, you can use the 100Mbps interface, however, I would still recommend you to use the fastest interface if you also have the additional 4 port interface module.

Community Member

Re: Assigning Interfaces for ASA 5510

ok thank you. I do not have the additional 4 ports.

Many thanks

240
Views
0
Helpful
4
Replies
CreatePlease to create content