09-29-2009 11:20 AM - edited 03-11-2019 09:20 AM
Hi,
I have 2 ASA 5520 working in a statefull Active/Failover mode connected to two different routers which are working in HSRP. Now the routers are always taking a Active Active state as the HSRP heartbeats and communications are getting blocked by the ASA in between the failover pair.
Is there a solution to achieve this other than introducing a switching layer between the firewall bundle and the router bundle.
Pls help & suggest.
Regards,
Indrajit
09-29-2009 02:35 PM
Your design does not sound right to me. Not sure why you would like to do this.
For HSRP implementation, there should be a layer 2 link between two routers. In general, it is realized by connecting both routers to a switch.
By the way, HSRP packet is sent to destination IP multicast address 224.0.0.2 on User Datagram Protocol (UDP) port 1985.
09-29-2009 03:28 PM
yes i know that it doesnt work this way but was looking for a work around in any as there needs to be an extra investment just to connect the firewalls to the HSRP routers. Thanks anyways for your time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide