Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
0
Helpful
3
Replies

Active/standby

Anthonize Rajaratne
Level 1
Level 1

‎04-12-2016 05:45 AM - edited ‎03-12-2019 12:36 AM

Hello, 

I have configured Active/Standby on two 9.5 ASAs. Failover is working fine.  I have tested with powering off the active and its brings up the standby as active. These failover works without  'standby' command on the outside/inside interfaces.

My question is, is it must to have standby  command configured for active/standby situation? Is it mainly for stateful configuration? 

Thanks in advance. 

Labels:
0 Helpful
3 Replies 3

fsebera
Level 4
Level 4

‎04-12-2016 06:12 AM

Hi,

You need the standby command and related standby configurations on both ASAs. Remember a complete failure is the best failure you can experience because it's an obvious outage; And you have proven this type of failure works. However, one of the worst failures is an interfaces failure and this is where the monitoring commands come into play.

Hope this helps

Frank

0 Helpful

Anthonize Rajaratne
Level 1
Level 1
In response to fsebera

‎04-12-2016 06:47 AM

Thanks for your reply Frank.

I have tested interface failure as well by unplugging the cable and standby device took over. I'm not sure is it must command 'standby' needs to be configured unless you need stateful or  are you referring physical interface fail? 

0 Helpful

fsebera
Level 4
Level 4
In response to Anthonize Rajaratne

‎04-12-2016 06:52 AM

Yes, each "active" interface may need to be monitored to avoid black-holing traffic.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card