Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
1
Replies

3 ASA firewalls in failover or cluster??

mikedelafield
Level 1
Level 1

‎02-26-2008 02:41 AM - edited ‎03-11-2019 05:08 AM

We have 2 sites with 2 ASA 5520s on Site A and a 3rd ASA 5520 on Site B.

We have the 2 ASAs at Site A set as Active/Passive failover.

We would like the firewall at Site B to also be part of this failover in the event of Site A being unavailable. Is this possible?

We have a dedicated link between the 2 sites so linking the firewalls for heartbeats etc.. is not an issue.

Is this a valid setup? Is there a better way to achieve this?

Labels:
0 Helpful
1 Reply 1

cdusio
Level 4
Level 4

‎02-28-2008 05:20 PM

This is not possible. You're better off using routing to control ourbound routing around a failure. Use object tracking to generate the default route and redistribute into your IGP.

On the outside NAT to unique address space and you're good to go.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card