Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1856
Views
5
Helpful
2
Replies

asa ha standby ip

mkazam001
Level 3
Level 3

‎08-02-2019 08:42 AM - edited ‎02-21-2020 09:21 AM

Hi All,

Can someone explain how the ASA uses the standby IP in a Active/Standby config. I have always configured the devices like this as per cisco design. Tried to look into this further but unable to find a definitive answer. When the PRIMARY fw fails, the Secondary uses the IP & MAC of the of the PRI - so how does it use the standby IP configured on the interface?

Regards, mk

0 Helpful
2 Replies 2

GRANT3779
Spotlight
Spotlight

‎08-02-2019 11:49 AM

Two things come to mind.
You would use a standby address on a management related port so you can actually manage the secondary firewall. How else would you be able to SSH to it for example?
Also, for the purposes of monitoring as part of your HA setup. The standby ip is used by the active ASA to monitor the secondary firewalls interface if that interface is part of your failover monitoring config.

GRANT3779
Spotlight
Spotlight

‎08-02-2019 11:52 AM

Should add, for management - if you are not using OOB or dedicated management port
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card