ASAs use keepalive packets between eachother that are sent over the failover link. By using the keepalive packets, the standby ASA monitors the health status of the Active ASA. If the standby ASA stops recieving keepalive packets from the active ASA it will send out 3 test packets, out the monitored interfaces. that is to say it will send test packets out the actual interfaces that will trigger a failover if one of them fails. If the standby ASA still does not recieve a reply from the active ASA it will now assume that the active ASA is dead and will take over the role as active ASA.
The failover link is also used to replicate the configuration between the active and standby ASAs.
The state link is used to replicate the state table and other relevant active connection information.
-- Please remember to rate and select a correct answer
Please remember to rate and select a correct answer
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...