Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Need advice on connecting a failover pair of ASA's to a 3750x stack

Hello,

I am designing to connect a failover pair of ASA's (active/standby) to a 3750x stack (L3 routing) of switches.

The 3750x stack will be the connection to the Internet.

Can I use this as the potential solution :

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1336269

Attached is my proposed layout of  connectivity. The ASA's will be the gateway for all server traffic (  DMZ, App, DB, etc..), and the 3750's will server as L2 switches for all  server traffic, but will be the routers for Internet bound traffic. I  will be using a L3 SVI for the VLAN interface facing the Internet.

Any suggestions would be greatly appreciated.

1 REPLY

Need advice on connecting a failover pair of ASA's to a 3750x st

Your design looks reasonable to me. It's important to connect devices to different members of the stack like you did.

By looking at your diagram I'm not sure if you meant that each ASA has its own Portchannel or not. If you run active/standby scenario I believe you need one Portchannel per ASA.

Daniel Dib
CCIE #37149

Daniel Dib CCIE #37149 Please rate helpful posts.
334
Views
0
Helpful
1
Replies
CreatePlease to create content