Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Correct procedure to replace failed secondary ASA unit

Hello

i just received a RMA for failed ASA 5520 that was acting as secondary unit in multicontext configuration. What would be correct procedure to install it back in production? Do i need to restore backed up config of the fallen unit or is it just enough to enable multimode and connect to existing (primary) unit? Any good link for documentation that deal with this issues would be also appreciated.

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Correct procedure to replace failed secondary ASA unit

Configure the ASA for failover communication and as a secondary unit. This is done from the system context so yes you need to switch it into the multiple context routed mode. Power the asa on and connect only the failover communication interface. This will make sure that it is seen by the primary as failed. Once the failover communication is up, and the configutation synchronisation and connection replicatiin are over, connect the traffic interfaces.

This is pretty much it. Hope it helps.

Sent from Cisco Technical Support iPad App

5 REPLIES

Correct procedure to replace failed secondary ASA unit

Red

Correct procedure to replace failed secondary ASA unit

Here you go:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080834058.shtml

Varun Rao

Thanks, Varun Rao Security Team, Cisco TAC
New Member

Re: Correct procedure to replace failed secondary ASA unit

Configure the ASA for failover communication and as a secondary unit. This is done from the system context so yes you need to switch it into the multiple context routed mode. Power the asa on and connect only the failover communication interface. This will make sure that it is seen by the primary as failed. Once the failover communication is up, and the configutation synchronisation and connection replicatiin are over, connect the traffic interfaces.

This is pretty much it. Hope it helps.

Sent from Cisco Technical Support iPad App

New Member

Re: Correct procedure to replace failed secondary ASA unit

Thanks Marko,

that did the trick.

Regards,

New Member

Re: Correct procedure to replace failed secondary ASA unit

You are welcome.

Regards,

Marko

2347
Views
5
Helpful
5
Replies