- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2012 12:35 PM - edited 03-11-2019 05:09 PM
I am adding a failover asa to an a firewall that is already in production. They are both 5510's, they both have the same abount of ram, have the same code versions. Will there be any downtime while adding the secondary in?
Solved! Go to Solution.
- Labels:
-
NGFW Firewalls
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2012 06:18 PM
No downtime is necessary.
Design your failover setup (i.e. which interface you will use for failover, IP address, will you use a state interface also, etc.). Add the failover interface configuration on the current ASA and turn on failover on that unit.
Then introduce the new unit with minimal configuration - just enough to tell it to look for the primary unit out the failover interface.
This guide is a bit dated but still valid.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2012 06:18 PM
No downtime is necessary.
Design your failover setup (i.e. which interface you will use for failover, IP address, will you use a state interface also, etc.). Add the failover interface configuration on the current ASA and turn on failover on that unit.
Then introduce the new unit with minimal configuration - just enough to tell it to look for the primary unit out the failover interface.
This guide is a bit dated but still valid.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2012 07:37 AM
Thanks Marvin, I actually already added the firewall by the time you put this comment up. I lost connection to the active firewall when i added the standby ip, but only for a couple seconds. When i added the failover commands i lost connection for maybe 30 seconds. After that no drops in connectivity at all. Thanks for the reply.
