Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA appliance Transparent mode - Active Active failover

have the following infrastructure:-

User VLAN (15 - 20) Cisco Access switches --->Cisco 65xx (Layer 3 switch) -----Vlan50---Servers.

Vlan 15 - 20 -----192.168.x.1 / 24 onwards ( where x corresponds to the VLAN number)

Vlan 50 - 192.168.50.y / 24 (where y corresponds to end host IP address)

I want to place the ASA 5520 between Cisco 65xx & the servers, in Active - Active mode.

One of the requirement of Active/Active mode is the need to configure Multiple contexts in the firewall. For multiple context, each context typically uses a different subnet. You can use overlapping subnets, but your network topology requires router & Nat configuration to make it possible from a routing standpoint.

Is it possible configure transparent mode (active ? active failover) without multiple contexts within 192.168.50.y network? If yes, how & If not, what are the possible alternatives to implement the ASA between the Core 65xx switch (VLAN 50) & the servers (192.168.50.y), in active / active failover mode?

Regards

4 REPLIES
Silver

Re: ASA appliance Transparent mode - Active Active failover

Yes, it's possible . for this set up you need to have special license

New Member

Re: ASA appliance Transparent mode - Active Active failover

Hello,

Thanks for the feedback.

Any idea on the type of license required?

As per Cisco Engineers feedback, one needs to configure multiple context with different subnets & there is no other alternative.

Regards

Bronze

Re: ASA appliance Transparent mode - Active Active failover

What about a FWSM in the 6.5K Chassis. AFAIK the FWSM is also able to do single or multi context in transparent mode. So you have everything you need on the 6.5K Chassis.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c38.html#wp1201980

New Member

Re: ASA appliance Transparent mode - Active Active failover

The customer has placed an order for the ASA appliance, which can do FW + IPS. As per my knowledge, the FWSM can be configured as a firewall only.

Regards

374
Views
0
Helpful
4
Replies