Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Enabling failover on ASA5520 VLAN interfaces

I want to set up my VLAN interfaces for failover monitoring. These VLAN interfaces are off the inside interface. The inside interface is being monitored. Currently, by default the VLAN interfaces are not being monitored. These VLAN interfaces are already configured with a standby address.

What is the best approach to configuring monitoring on them?

Do I just simply configure a failover interface IP address on the VLAN interface using a subnet different from my other monitored interfaces?

Or is it completely not necessary to enable failover on the VLAN's since the inside is already being monitored. Cannot find a yes/no answer in any texts.

  • Firewalling

Re: Enabling failover on ASA5520 VLAN interfaces

Hi, If you look at this link diagram you have inside side , outside switch , and the pair of ASA in the middle one active and other in standby, both interfaces are being monitored.

The answer to your question is yes, you need to configured for each vlan subinterface or interface on the ASA a failover to have the interface monitored.


ASA_Primary: outside ip

ASA_Primary: inside_IP

ASA_Secondary: outside IP

ASA_Secondary: outside ip

interface Ethernet0/0

description outside

nameif outside

security-level 0

ip address standby

interface Ethernet0/1

nameif inside

security-level 100

ip address standby

interface Ethernet0/2

description LAN Failover Interface

interface Management0/0

description STATE Failover Interface


same principle above applies for asa subinterfaces if u are doing dot1q trunking.


failover lan unit primary

failover lan interface failover Ethernet0/2

failover link state Management0/0

failover interface ip failover standby

failover interface ip state standby


PLS rate any helpful posts

This widget could not be displayed.