Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cluster ASA configuration without the failover cable

1.How can I make two firewalls cluster without the failover cable. I need to do failover from the inside. Is there any example configuration?

2.Which ports does the ipsec site-to-site vpn configuration use between two asa firewalls?

Regards....

1 REPLY

Re: Cluster ASA configuration without the failover cable

Hi,

On the ASA there's no need for a failover cable anymore (like PIXes)

You should use a dedicated Ethernet interface for failover communication between both ASAs.

Optionally, if you enable stateful failover, can use another or the same interface.

It is recommended to be the highest-speed interface on the device.

Take a look:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_overview.html

Normally, an IPsec L2L tunnel will use both E0 (outside) interfaces on the ASA.

Federico.

637
Views
0
Helpful
1
Replies