Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

hi all,

actually im using a cisco asa 5520 as a default gateway to acessin/ publishing in the wan.

i have a cisco 2811 configured to replace the cisco asa in a case of problem, but the switch is made manually.

my lan switch is a 2 3560e configured with hsrp, so it is possible to make redendancy( failover)  between the cisco ASA 5520 and the cisco 2811 using a hsrp or other technic.

regards

2 ACCEPTED SOLUTIONS

Accepted Solutions

gateway redendancy between cisco ASA 5520 and cisco 2811

Hi,

Well, looks like you have only one internet line hooked up to ASA. So, doesnt see a point to have redundancy in terms of device when you have only one line available (i.e you always needs to swap across your internet line on another device).


Thanks

Vivek

Hall of Fame Super Silver

gateway redendancy between cisco ASA 5520 and cisco 2811

I do not believe that it is possible to configure any automatic failover between the ASA5520 and the 2811. And with a single Internet link it would limit any redundancy possibilities.

If you had two ASAs then you could look at configuring them as a failover pair and achieve redundancy that way. If you had two 2811s you could configure them with HSRP and achieve redundancy. But with 1 ASA5520 and one 2811 I believe that your only option for failover is the manual swap of connections.

HTH

Rick

11 REPLIES
Purple

gateway redendancy between cisco ASA 5520 and cisco 2811

Hi,

what do you want to know exactly? yes HSRP can track an interface and decrease priority of the active device so the standby device can take over. What else do you want to know?

Regards.

Alain

Don't forget to rate helpful posts.
New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

so it is possible to make hsrp between 2 cisco different devices ?

gateway redendancy between cisco ASA 5520 and cisco 2811

Hi,

If i understand your question correctly. You have the below requirement

1) You have a Cisco ASA5520 which is a default gateway. My question on this, do you mean all your PC's have the default gateway pointing to the internal interface IP ?

2) Incase of the failure of your ASA5520, you tend to manually replace this with Cisco 2811 router.

3) You also mentioned you have two 3560E series switches. If i consider that ASA is the default gateway for all your PCs then your 3560 is being used as a Layer 2 device.

Does your topology looks like this?

Thanks

Vivek


New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

hi,

this is my actual topology

lan--->(DG 2x3560E HSRP)--ip segmment in-->cisco ASA5520-->internet

and this what im lookin for

lan--->(DG 2x3560E HSRP)--ip segmment in-->cisco ASA5520 (primary) wan ip 1.1.1.1-->internet

                                                                   -->cisco 2811 (stby) wan ip 1.1.1.1-->internet

regards

Hall of Fame Super Silver

gateway redendancy between cisco ASA 5520 and cisco 2811

I do not believe that the ASA supports participation in HSRP. I searched the config guide for ASA and the only mention of HSRP was in how to allow HSRP frames to pass through the ASA when configured in transparent mode. So I believe that you will not be able to achieve the automated failover between the ASA and the 2811.

HTH

Rick

New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

thanks Mr BURTS,

so there is no way to make fail over between those devices ?

regards

Hall of Fame Super Silver

gateway redendancy between cisco ASA 5520 and cisco 2811

I do not believe that it is possible to configure any automatic failover between the ASA5520 and the 2811. And with a single Internet link it would limit any redundancy possibilities.

If you had two ASAs then you could look at configuring them as a failover pair and achieve redundancy that way. If you had two 2811s you could configure them with HSRP and achieve redundancy. But with 1 ASA5520 and one 2811 I believe that your only option for failover is the manual swap of connections.

HTH

Rick

New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

thanks Mr BURTS,

you answer is so clear.

in all cases i will buy another cisco 5520 for makin a ha cluster.

so i have a question, if actually have my asa workin to add another asa to mail active passive cluster, the new asa will replicate all the actual configuration or i have to set up or copy manually ?

Hall of Fame Super Silver

gateway redendancy between cisco ASA 5520 and cisco 2811

If you get another ASA5520 it is fairly easy to set it up in a HA failover pair. You only need a little bit of interface configuration on the second ASA so that the ASAs can communicate with each other. Then you activate failover. When this happens the backup ASA learns the configuration from the active ASA and then both ASAs share the same config. The active ASA will automatically copy any changes made in the config to the backup ASA so the config automatically stays in sync.

HTH

Rick

gateway redendancy between cisco ASA 5520 and cisco 2811

Hi,

Well, looks like you have only one internet line hooked up to ASA. So, doesnt see a point to have redundancy in terms of device when you have only one line available (i.e you always needs to swap across your internet line on another device).


Thanks

Vivek

New Member

gateway redendancy between cisco ASA 5520 and cisco 2811

hi,

i can get another internet link, but if i have another link to the same internet line it will be possible to get it work ?

997
Views
0
Helpful
11
Replies