Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Pix 535 Failover interface

I have a question concerning the stateful failover interface.  I'm reading through the 8.0 guide, and i came across this blurb concerning the interface for failover:

Use the following failover interface speed guidelines for Cisco PIX security appliances and Cisco ASA adaptive security appliances:

Cisco ASA 5520/5540/5550 and PIX 515E/535 The stateful link speed should match the fastest data link

this appears to be a recommendation, rather than hard/fast requirement.

Does anybody know if you HAVE to use one of the gig interfaces for this?  I'd like to use one of the 100mbps interfaces for this failover.

thanks in advance.


Cisco Employee

Re: Pix 535 Failover interface

If you have 4 gig interfaces pushing traffic, all of that state information has to go through the 100 mb link that you are thinking about.  You have read the document where Cisco recommends to use the state interface the same as the fastest interface that you are using for data.

Especially if you do http replication, this 100mb link may not be enough and that purely depends on the traffic that you push through this unit.


New Member

Re: Pix 535 Failover interface


But, in my case, this is a Test and Dev environment...the failover is strictly for our network testing / network configuration purposes...not production.

there will be a large number of servers in the T&D, but basically, I have 1 gig uplinks from the core switches to the PIX's, since I cant bundle interfaces to give me better throughput...1 gig is the fastest interface I have...

CreatePlease to create content