01-28-2010 09:02 AM - edited 03-11-2019 10:02 AM
Hello!
Which command I can understand if two Cisco ASA are configured at Active/Active or Active/Standby?
Following extract the output of the command show version:
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 100
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5510 Security Plus license.
Let me know!
Thank you,
01-28-2010 09:47 AM
Hello!
Which command I can understand if two Cisco ASA are configured at Active/Active or Active/Standby?
Following extract the output of the command show version:Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 100
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 250
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2This platform has an ASA 5510 Security Plus license.
Let me know!Thank you,
Hi,
Show version will tell about appropriate running software license in firewall.
show failover state command will tell about the actual state of the firewall it is primary or standby.
Hope to help !!
If helpful do rate
Ganesh.H
01-28-2010 11:38 PM
Hi,
Following the output of the command show failover state:
CiscoASA# show failover state
State Last Failure Reason Date/Time
This host - Primary
Active Ifc Failure 10:09:01 Italy Jan 27 2010
dmz: Failed
Other host - Secondary
Standby Ready Ifc Failure 15:18:36 Italy Jul 21 2009
dmz: Failed
====Configuration State===
Sync Done
Sync Done - STANDBY
====Communication State===
Mac set
CiscoASA#
so, this firewall is configured at Active/Active mode or Active/Standby mode?
Thank you,
01-29-2010 12:26 AM
Hi,
Following the output of the command show failover state:
CiscoASA# show failover state
State Last Failure Reason Date/Time
This host - Primary
Active Ifc Failure 10:09:01 Italy Jan 27 2010
dmz: Failed
Other host - Secondary
Standby Ready Ifc Failure 15:18:36 Italy Jul 21 2009
dmz: Failed
====Configuration State===
Sync Done
Sync Done - STANDBY
====Communication State===
Mac set
CiscoASA#so, this firewall is configured at Active/Active mode or Active/Standby mode?
Thank you,
Hi,
The above output says the configuration is for Active/Standby mode for Active/Active mode you will groups assigned to firewall which will act as active for specific group and stanby for specific.
the below output will be for active/active sample configuration in failover
PIX1(config-subif)#show failover
Failover On
Cable status: N/A - LAN-based failover enabled
Failover unit Primary
Failover LAN Interface: LANFailover Ethernet3 (up)
Unit Poll frequency 15 seconds, holdtime 45 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 4 of 250 maximum
Version: Ours 7.2(2), Mate 7.2(2)
Group 1 last failover at: 06:12:45 UTC Apr 16 2007
Group 2 last failover at: 06:12:43 UTC Apr 16 2007
This host: Primary
Group 1 State: Active
Active time: 359610 (sec)
Group 2 State: Standby Ready
Active time: 3165 (sec)
context1 Interface inside (192.168.1.1): Normal
context1 Interface outside (172.16.1.1): Normal
context2 Interface inside (192.168.2.2): Normal
context2 Interface outside (172.16.2.2): Normal
Other host: Secondary
Group 1 State: Standby Ready
Active time: 0 (sec)
Group 2 State: Active
Active time: 3900 (sec)
context1 Interface inside (192.168.1.2): Normal
context1 Interface outside (172.16.1.2): Normal
context2 Interface inside (192.168.2.1): Normal
context2 Interface outside (172.16.2.1): Normal
Hope that clear out your query !!
If helpful do rate
Ganesh.H
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide