Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
584
Views
0
Helpful
2
Replies

Pix 535 Failover interface

Bruce Summers
Level 1
Level 1

‎01-27-2010 11:12 AM - edited ‎03-11-2019 10:02 AM

I have a question concerning the stateful failover interface.  I'm reading through the 8.0 guide, and i came across this blurb concerning the interface for failover:

Use the following failover interface speed guidelines for Cisco PIX security appliances and Cisco ASA adaptive security appliances:

Cisco ASA 5520/5540/5550 and PIX 515E/535 The stateful link speed should match the fastest data link

this appears to be a recommendation, rather than hard/fast requirement.

Does anybody know if you HAVE to use one of the gig interfaces for this?  I'd like to use one of the 100mbps interfaces for this failover.

thanks in advance.

Bruce

Labels:
0 Helpful
2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

‎01-27-2010 07:33 PM

If you have 4 gig interfaces pushing traffic, all of that state information has to go through the 100 mb link that you are thinking about.  You have read the document where Cisco recommends to use the state interface the same as the fastest interface that you are using for data.

Especially if you do http replication, this 100mb link may not be enough and that purely depends on the traffic that you push through this unit.

-KS

0 Helpful

Bruce Summers
Level 1
Level 1
In response to Kureli Sankar

‎01-28-2010 06:54 AM

Understood,

But, in my case, this is a Test and Dev environment...the failover is strictly for our network testing / network configuration purposes...not production.

there will be a large number of servers in the T&D, but basically, I have 1 gig uplinks from the core switches to the PIX's, since I cant bundle interfaces to give me better throughput...1 gig is the fastest interface I have...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card