Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Config of stateful failover on ASA 5520

 

Hi Everyone,

 

Our client has ASA 5520 config for active/standby.

They are using Lan  Failover link and they have dedicated interface for it.

Rest all other interfaces are used up except the management interface

My question is can i config the stateful link also on Lan  failover interface?

Can we use same physical interface for both Lan and statefull failover?

 

Or

If i had some free port in both firewalls and if i config stateful failover link on that physical port will it cause any outage in the environment.

Can i use the management interface as statefull failover on both ASA?

 

Regards

Mahesh

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Green

My question is can i config

My question is can i config the stateful link also on Lan  failover interface?

The failover link should be a dedicated interface, be that a dedicated subinterface or physical interface is up to you.  the stateful link can either share the failover link interface or can be configured to use a dedicated interface.
 

Can i use the management interface as statefull failover on both ASA?

Yes, you just need to issue the command no management-only under the mgmt interface.  Keep in mind you will have limited speed on this interface as it only supports 10/100.  So depending on how much stateful connections you need to replicate this could be a bad thing to do.

--

Please remember to select a correct answer and rate

-- Please remember to rate and select a correct answer
2 REPLIES
VIP Green

My question is can i config

My question is can i config the stateful link also on Lan  failover interface?

The failover link should be a dedicated interface, be that a dedicated subinterface or physical interface is up to you.  the stateful link can either share the failover link interface or can be configured to use a dedicated interface.
 

Can i use the management interface as statefull failover on both ASA?

Yes, you just need to issue the command no management-only under the mgmt interface.  Keep in mind you will have limited speed on this interface as it only supports 10/100.  So depending on how much stateful connections you need to replicate this could be a bad thing to do.

--

Please remember to select a correct answer and rate

-- Please remember to rate and select a correct answer
New Member

 Many thanks Maricus

 

Many thanks Maricus.

Regards

MAhesh

58
Views
0
Helpful
2
Replies