https://community.cisco.com/t5/network-security/asa-failover-basic-questions/m-p/703258#M423348 <HTML><HEAD></HEAD><BODY><P>Hi friends,</P><P></P><P>I found an answer to my own questions when I tried it out!! Just wanted to share the same with all of you.</P><P></P><P>1. Telnetting was possible to the inside interface standby IP. So, no need to have console access to the standby unit. It did not work earlier as the inside interface was connected to a different switch port. When changed, I was able to telnet to inside interface.</P><P></P><P>2. I was also able to ping inside standby IP</P><P></P><P>3. Not having a standby public IP for outside interface did not matter. It just showed up as 0.0.0.0 in show monitor-interface command. But when switched to active, it took the active public IP.</P><P></P><P>4. I think that management0/0 interface is a good option to use when in transparent firewall mode. Since, there are no IP's used for other interfaces, the firewall is managed using the management interface IP. </P><P></P><P>Thanks and Regards</P><P>Gautam</P><P></P></BODY></HTML> Tue, 26 Sep 2006 06:03:41 GMT gautamzone 2006-09-26T06:03:41Z https://community.cisco.com/t5/network-security/asa-failover-basic-questions/m-p/703257#M423346 <P>Hi friends,</P><P></P><P>Just wanted to know a few things. The platform is confined to ASA 5540 and version 7.0</P><P></P><P>1.Can I not telnet into one of standby's interface Ip's? This is just to check if it has the same configuration as the active one? I just want to escape the server room air-conditing and consoling to the standby unit to check config.</P><P></P><P>2. Is pinging not possible to any of the standby IP's of Standby unit? </P><P></P><P>3. If outside (public IP) interface of Active unit has no standby IP (to conserve address space), is it ok? What are the effects of not having a standby IP? </P><P></P><P>4. What is the role of management0/0 interface in failover configuration? Is management interface really necessary for a failover configuration? What exactly is the purpose of it? Can i do a successful failover with a shutted management interface?</P><P></P><P>Thanks a lot</P><P>Gautam</P><P></P> Fri, 21 Feb 2020 09:11:29 GMT https://community.cisco.com/t5/network-security/asa-failover-basic-questions/m-p/703257#M423346 gautamzone 2020-02-21T09:11:29Z https://community.cisco.com/t5/network-security/asa-failover-basic-questions/m-p/703258#M423348 <HTML><HEAD></HEAD><BODY><P>Hi friends,</P><P></P><P>I found an answer to my own questions when I tried it out!! Just wanted to share the same with all of you.</P><P></P><P>1. Telnetting was possible to the inside interface standby IP. So, no need to have console access to the standby unit. It did not work earlier as the inside interface was connected to a different switch port. When changed, I was able to telnet to inside interface.</P><P></P><P>2. I was also able to ping inside standby IP</P><P></P><P>3. Not having a standby public IP for outside interface did not matter. It just showed up as 0.0.0.0 in show monitor-interface command. But when switched to active, it took the active public IP.</P><P></P><P>4. I think that management0/0 interface is a good option to use when in transparent firewall mode. Since, there are no IP's used for other interfaces, the firewall is managed using the management interface IP. </P><P></P><P>Thanks and Regards</P><P>Gautam</P><P></P></BODY></HTML> Tue, 26 Sep 2006 06:03:41 GMT https://community.cisco.com/t5/network-security/asa-failover-basic-questions/m-p/703258#M423348 gautamzone 2006-09-26T06:03:41Z