Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help needed in ASA 5540 Cluster/Failover setup

Hello expert,

                    Currently we have two asa in our Datacenter setup as a Active/Standby failover setup and tested ie failover is working,(if one FW goes down), but what if a the uplink switches/links or backend switches go down, how does the active fw knows to failover ?

Current setup

          |                                        |

    ___|___                              __|___

---| SW 1 |------------------------ | Sw2   |     

    ----------                              -----------

          |                                        |

    ___|___                              __|___

---| FW 1 |------------------------ | FW-2 |     

    ----------                              ----------

          |                                        |

    ___|___                              __|___

---| SW 1 |------------------------ | Sw2   |     

    ----------                              -----------

In the above figure, FW1 is active and I have powerd off the uplink  SW1, but the FW2 did not take over, and the same for backend switches, So how do I configure my FW's so that any of the uplink or back end switches go down, the Active should give its role to standby to forward the traffice from a different switch ie sw2 in case sw1 goes down.

Or Is there any mechanisim where I can monitor the interfaces ie uplinks or back end links etc ?

Your help is appreciated.

Regards

6 REPLIES
Silver

Help needed in ASA 5540 Cluster/Failover setup

It seems that you have LAN link directly connected between the boxes, so the unit will determine that Primary/Active has interfaces that are inactive and failover. You should read:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml

This link gives you the failover triggers and failover actions.

Value our effort and rate the assistance!
New Member

Re: Help needed in ASA 5540 Cluster/Failover setup

Thanks Jumora,

                        I will have a look into this and will let you know.

H Khan

VIP Purple

Re: Help needed in ASA 5540 Cluster/Failover setup

if the failure of a directly connected device (that results in a link-down event on the ASA) doesn't trigger the failover it's nearly always a misconfiguration of the "monitor-interface" commands where the config tells the ASA that an interface is not "important enough" to trigger a failover.

Sent from Cisco Technical Support iPad App


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Re: Help needed in ASA 5540 Cluster/Failover setup

Thanks Karsten,

                        I will have a look into this and will let you know.

H Khan

Silver

Help needed in ASA 5540 Cluster/Failover setup

Please rate our assistance!!!

Value our effort and rate the assistance!
Silver

Help needed in ASA 5540 Cluster/Failover setup

any progress on this?

Value our effort and rate the assistance!
219
Views
0
Helpful
6
Replies
CreatePlease login to create content