Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Internet connectivity issue with ASAs configured for failover

 

Problem

When the two ASAs are configured for failover there is an Internet connectivity issue as the only available ISP is connected only to the active ASA and not the standby device. Also, the primary ASA has the IP address assigned to it and not the secondary ASA since no extra IP address is available. How can we connect both the ASAs to the only ISP so that Internet connectivity is not lost during failover?

Resolution

Connect the outside interfaces of both the ASAs and the intenet cable from ISP to a switch so that both the ASAs have the internet connectivity and failover happens smooth.

 

Eventhough the IP address is assigned only to the primary ASA outside interface the failover will work foine on the ASA. The only thing you will not be able to do is to monitor the outside interface for failover. Monitoring on the outside interface needs to be disabled as there is no spare IP address available for the outside interface. All other interfaces can be monitored for failover and even the hardware failover will happen as required.

 

Source:https://supportforums.cisco.com/thread/2176697?tstart=0

Version history
Revision #:
2 of 2
Last update:
‎08-28-2017 02:13 AM
Updated by:
 
Labels (1)
Contributors