Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
967
Views
0
Helpful
4
Replies

1 router === 2 ASA (how to connect without switch)

Go to solution
Kyujin Choi
Level 1
Level 1

‎05-07-2013 04:38 AM - edited ‎03-11-2019 06:39 PM

Internet ----  ASR ------ Switch ------- ASA 1 (active) 

                                       |              |

                                       |              |

                                       |---------- ASA 2 (standby)

ASR supports BDI (Bridge Domain Interface), in that case, it seems like possible.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to Kyujin Choi

‎05-07-2013 12:15 PM

Hi,

I think you might be able to bridge the 2 interfaces (even if they are not switchports) and enable the use of ASA Failover behind the 2 interfaces. I have only operated one ASR1001 just lately. To my understanding every port it has is a normal router port.

Have a look at this section of the configuration guide

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/bdi.html

Also have a look at this thread on these forums which seems to handle the same situation as yours

https://supportforums.cisco.com/thread/2169496

Hope this helps

Please remember to mark the question as answered if it was.

- Jouni

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎05-07-2013 10:57 AM

Hi,

I am not familiar with all the router models.

Though I have to say when we have setup a ASA Failover pair with a single router only, we have used a model that is using a built in switch module. I dont see how the ASA Failover would work properly with regards to the "outside" interface polling otherwise.

Naturally if there is an option to somehow bridge the 2 interfaces together then it might not be a problem.

Or does the router model you are looking at have a Switch module in it?

- Jouni

0 Helpful

Go to solution
Kyujin Choi
Level 1
Level 1
In response to Jouni Forss

‎05-07-2013 11:55 AM

Thank for your information.

I will have ASR1001 which has 4 of GE ports, but I am not sure whether these ports are used as switch module.

If these ports can be used as switch module (L2), you are right. it is possible.

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to Kyujin Choi

‎05-07-2013 12:15 PM

Hi,

I think you might be able to bridge the 2 interfaces (even if they are not switchports) and enable the use of ASA Failover behind the 2 interfaces. I have only operated one ASR1001 just lately. To my understanding every port it has is a normal router port.

Have a look at this section of the configuration guide

http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/bdi.html

Also have a look at this thread on these forums which seems to handle the same situation as yours

https://supportforums.cisco.com/thread/2169496

Hope this helps

Please remember to mark the question as answered if it was.

- Jouni

0 Helpful

Go to solution
Kyujin Choi
Level 1
Level 1
In response to Jouni Forss

‎05-07-2013 12:22 PM

Thank you.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card