Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
978
Views
0
Helpful
1
Replies

Keep ASA 5520's in sync

sahlim
Level 1
Level 1

‎08-22-2011 11:14 AM - edited ‎03-11-2019 02:15 PM

Hello

I have two asa 5520 firewalls. one at my primay data center connected to our production Internet feed, and one at my failover datacenter connected to a backup internet feed. I was wondering if there was an easy way to keep the firewall rules in sync between the two firewalls. We have failover with our isp that will move our public facing address block from our primay site to our dr site in the event of a disaster so the ip addresses will not change if we were to have to fail over to the DR site. currently i just have to do any changes that i make on the failover server but would like a way to at least simi-automat this if not fully automat this so that i can eliminate the possability of human error of a change happening at primary but never getting don at DR.

Labels:
0 Helpful
1 Reply 1

varrao
Level 10
Level 10

‎08-22-2011 11:50 AM

Well that is a bit difficult to do if you are looking for something semi automatic, it woudl have only been possible, if you had failover running between the two firewalls as well, so I guess manual migt be your best option, but always keep a latest copy of the primary site ASA.

-Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card