Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA actice/standby with subinterface

I try to configure active/standby with ASA5520 Version 8.0(2). In configuration guide I read:

The if_name argument assigns a name to the interface specified by the phy_if argument. The phy_if argument can be the physical port name, such as Ethernet1, or a previously created subinterface, such as Ethernet0/2.3.

But when I try to do this, I get an error message:

ERROR: Can not configure failover interface on a shared physical interface

What is going wrong?

New Member

Re: ASA actice/standby with subinterface

If I recall correctly from my ASA setup (about 14 months ago so I could be mistaken), we tried setting our failover interface on a sub-interface and it didnt work. I then took a look at some Cisco documentation and they suggest that you use a dedicated interface for Failover (that is what we did). We have 1 interface for failover, 1 for DMZ, 1 for Outside and 1 for Inside and everything is functioning correctly. I am trying to find the link I used from Cisco when researching this, but I am fairly sure that was what I came up with.

Hope this helps


New Member

Re: ASA actice/standby with subinterface

I have the same experience with the dedicated interface but CISCO said it must work with a subinterface too! I do not like to use one interface only for failover.

New Member

Re: ASA actice/standby with subinterface

I think you can use a redundant interface but you can not use a subinterface for teh failover link. For stateful failover link you can share even with a regular data link but it is not recommended and the ASA will issue out a warning.

CreatePlease to create content