Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
282
Views
0
Helpful
3
Replies

Cant Ping Sub-Interfaces (ASA 5520)

chrisbicm
Level 1
Level 1

‎06-14-2006 11:53 AM - edited ‎02-21-2020 12:58 AM

Hello,

I recently set up an Active/Standby failover configuration with 2 sub-interfaces configured on my g0/0 interface (g0/0.1 and g0/0.2) for some reason I cant ping either of these from my testing server (when the server is on the correct network and subnet to test the interface)? I am not sure whats going on... I included a print out of most of my current configuration.

interface GigabitEthernet0/0

no nameif

security-level 0

no ip address

!

interface GigabitEthernet0/0.1

vlan 10

nameif Outside1

security-level 0

ip address 66.38.x.x 255.255.255.224 standby 66.38.x.x

!

interface GigabitEthernet0/0.2

vlan 20

nameif Outside2

security-level 0

ip address 64.187.x.x 255.255.255.224 standby 64.187.x.x

!

interface GigabitEthernet0/1

nameif DMZ

security-level 100

ip address 10.10.x.x 255.255.255.0 standby 10.10.x.x

!

interface GigabitEthernet0/2

nameif Private

security-level 40

ip address 192.168.x.x 255.255.255.0 standby 192.168.x.x

!

interface GigabitEthernet0/3

description LAN/STATE Failover Interface

!

interface Management0/0

description STATE Failover Interface

no nameif

security-level 100

ip address 192.168.x.x 255.255.255.0

!

clock timezone EST -5

clock summer-time EDT recurring

pager lines 24

logging enable

logging monitor debugging

logging asdm informational

mtu Outside1 1500

mtu Outside2 1500

mtu DMZ 1500

mtu Private 1500

failover

failover lan unit primary

failover lan interface FoInt GigabitEthernet0/3

failover replication http

failover link FoInt GigabitEthernet0/3

failover interface ip FoInt 192.168.x.x 255.255.255.0 standby 192.168.x.x

monitor-interface Outside1

monitor-interface Outside2

Thanks,

Chris

0 Helpful
3 Replies 3

chrisbicm
Level 1
Level 1

‎06-14-2006 09:56 PM

Anyone have a suggestion?

0 Helpful

jbrunner007
Level 1
Level 1
In response to chrisbicm

‎06-15-2006 09:16 AM

i would say your layer 2 config for the switch attached to this is not setup properly... does the asa have a trunk with a switch, so its speaking 802.1q?

Joe

0 Helpful

chrisbicm
Level 1
Level 1
In response to jbrunner007

‎06-15-2006 12:12 PM

Joe,

I am using a Dell 2624 switch for testing.... do I need to set another sub-interface to act as a trunk line for the g0/0 interface then? Also just wondering if that switch will work with Sub-Interfaces.... or do I have to re-think my setup?

Thanks,

Chris

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card