Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

COnfiguring active-active failover on Cicso ASA 5520

Hi everyone,

I have two Cisco ASA 5520 with active/active failover license and need to configure them as active/active pair.

Changed both firewalls to multiple context mode and configured primary firewall in admin context.

I would like to know one things

If I have only one context how can i configure the firewalls in Active/Active mode.

Dileep

3 REPLIES
joe Bronze
Bronze

Re: COnfiguring active-active failover on Cicso ASA 5520

Even if you technically are only using one context for your access-list rules, etc there will be the other contexts;

system - contains the allocate-interface commands, which assign fw interfaces or vlans to virtual firewalls

admin - used to administer the firewall or as the first context for access-list rules

context1 - contains server and workstation access-list entries, such as email, www, citrix, etc.

So when you say you are only using one context the others still exist.

-Joe

Re: COnfiguring active-active failover on Cicso ASA 5520

yes, Joe that's true.

But I have another isssue when I enabling the active/active failover on both firewall, the replication between them taking place and my dynamic NATing enteries working fine. But the static NAT entries failed. Could you please tell me what will be the problem and how to troubleshoot this .

Dileep

Re: COnfiguring active-active failover on Cicso ASA 5520

try to do

clear xlate

clear conn

or reload

some times this make problem i apllying the nating and nat polices if u have as well

by the way if u have one context u cant run active/active paractly

because active/active is run in a active/stnadby way but for multiple context u gonna make one active for this context and standby for other context and on the other firewall the same idea

if helpful Rate

156
Views
4
Helpful
3
Replies