10-03-2008 03:43 AM - edited 03-06-2019 01:44 AM
hi,
I have placed ASA as the internet edge devices,the INSIDE of which connects to Cat 6500 switch. If I were to have redundant links from the ASA how can it be achieved. Would I need to define a second INSIDE etc on ASA and connect that to the second Cat 6500 switch. No idea?
Regards.
10-03-2008 03:54 AM
Hi,
You can implement failover with two ASA (on firewall side) and implement HSRP on Catalyst side.
Look at Failover Redundancy: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html
Configuring HSRP: http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_hsrp.html
I hope this helps.
Best regards.
Massimiliano.
10-03-2008 04:46 AM
Ok. But will HSRP be of any benefit if Cat 6500 (1) fails because in this case ASA failover will occur and it will anyways talk to the second Cat 6500.
Is it at all recommended to physically connect an ASA to two Cat 6500 switches. I mean that first ASA can continue communicating with the second Cat 6500 without failing over the second ASA due to first Cat 6500 failure.
10-04-2008 12:24 AM
On the same line, would GLBP be of any added benefit.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide