cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
530
Views
0
Helpful
4
Replies

failover link inteface redundant

alexispino
Level 1
Level 1

hola estoy tratando de configurar un asa active/standby pero a su vez tratanto de que la interface failover link sea una interface redudant segun la documentacio es posible pero al  configurar me indica que una interface compartida no es factible , no encuentro la configuracion correcta son dos ASA5525X version

Cisco Adaptive Security Appliance Software Version 8.6(1)2

Device Manager Version 7.0(2)

4 Replies 4

Julio Carvajal
VIP Alumni
VIP Alumni

Hola Alex,

Podrias mostar la configuracion que estas tratando de ingresar en el ASA y que te muestra el asa?

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hola Julio

claro no hay problema esta es la configuracion actual de mis interfaces y interfaces  redundantes quiero utilizar la interfaces G0/5 y G/6 como mi interface failover , no estoy seguro si funcionara?

interface GigabitEthernet0/5

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/6

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/7

description LAN/STATE Failover Interface

interface Redundant1

member-interface GigabitEthernet0/2

member-interface GigabitEthernet0/1

nameif inside

security-level 100

ip address 172.18.100.X 255.255.255.0 standby 172.18.100.X

!

interface Redundant2

member-interface GigabitEthernet0/0

member-interface GigabitEthernet0/3

nameif vpn-outside

security-level 0

ip address 10.245.245.x 255.255.255.0 standby 10.245.245.x

interface Redundant3

description Failover

member-interface GigabitEthernet0/5

member-interface GigabitEthernet0/6

no nameif

no security-level

no ip address

failover

failover lan unit primary

failover lan interface failover GigabitEthernet0/7

failover polltime unit msec 500 holdtime 3

failover key *****

failover replication http

failover link failover GigabitEthernet0/7

failover interface ip failover 172.32.254.1 255.255.255.252 standby 172.32.254.2

al configurar esta es la secuencia de error

VPN5525X-VLP(config)# no failover lan interface failover GigabitEthernet0/7

VPN5525X-VLP(config)# no failover link failover GigabitEthernet0/7

VPN5525X-VLP(config)#  failover lan interface failover redunda

VPN5525X-VLP(config)#  failover lan interface failover redundant3

INFO: Non-failover interface config is cleared on Redundant3 and its sub-interfaces

VPN5525X-VLP(config)# failover link failover Redunan

VPN5525X-VLP(config)# failover link failover Redundant3

VPN5525X-VLP(config)#

VPN5525X-VLP(config)#

VPN5525X-VLP(config)# exit

VPN5525X-VLP# sh run fa

ya esta configurado pero no estoy seguro si funcionara, Julio que asi configurado.

VPN5525X-VLP# sh run failover

failover

failover lan unit primary

failover lan interface failover Redundant3

failover polltime unit msec 500 holdtime 3

failover key *****

failover replication http

failover link failover Redundant3

VPN5525X-VLP#

Finalmente quedo de esta forma configurado, al parecer esta funcionando , te cuento cuando instale la unidad secundaria

interface GigabitEthernet0/5

description FAILOVER/LAN

!

interface GigabitEthernet0/6

description FAILOVER/LAN

interface Redundant3

description LAN/STATE Failover Interface

member-interface GigabitEthernet0/5

member-interface GigabitEthernet0/6

VPN5525X-VLP# sh run failover

failover

failover lan unit primary

failover lan interface failover Redundant3

failover polltime unit msec 500 holdtime 3

failover key *****

failover replication http

failover link failover Redundant3

failover interface ip failover 172.32.254.1 255.255.255.252 standby 172.32.254.2

VPN5525X-VLP# sh fa

VPN5525X-VLP# sh failover in

VPN5525X-VLP# sh failover interface

        interface failover Redundant3

                System IP Address: 172.32.254.1 255.255.255.252

                My IP Address    : 172.32.254.1

                Other IP Address : 172.32.254.2

VPN5525X-VLP# sh failover state

               State          Last Failure Reason      Date/Time

This host  -   Primary

               Active         None

Other host -   Secondary

               Not Detected   Comm Failure             07:34:28 UTC Jul 26 2013

====Configuration State===

====Communication State===

VPN5525X-VLP# sh failover statistics

        tx:255

        rx:0

VPN5525X-VLP# sh failover statistics

        tx:255

        rx:0

VPN5525X-VLP#

Buenas Alex,

La configuracion es la correcta, no deberias de presentar ningun problema,

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: