cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1404
Views
12
Helpful
5
Replies
Highlighted
Beginner

ASA 5585 - multi context clustering

Good Morning,

 

   I have an one ASA 5585  in multi context mode ( 18 context present). I would like to add an other ASA to do a cluster.  I would to have an Actif/Passif cluster .

Do i have to change configuration on all contexts ?

If anybody can help me ...thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Yes.

You have to do it per interface in each context.

In the system context you allocate interfaces only.

Then in each context you have to add standby ip to each interface. I havent found the option to add standby in ASDM, i always use CLI.

It is probably a bit more difficult when adding an asa to the production, then deploying a HA cluster from the start. If your interface address is the first one in the subnet, use the last one for standby to avoid confusion and keep the config uniform. Hopefully you have done good with your ip plan, and reserved first few addresses for infrastructure :)

View solution in original post

5 REPLIES 5
Highlighted
Beginner

You need to add failover configuration in system on the present asa.

Then switch the new one to multi mode, and run the same failover conf in the system context.

Simple config :

failover
failover lan unit primary
failover lan interface Failover GigabitEthernet0/5
failover key *****
failover link Failover GigabitEthernet0/5
failover interface ip Failover 10.10.10.1 255.255.255.252 standby 10.10.10.2

The primary will replicate all configuration to secondary, and you are done.

Highlighted

Thanks Mirza,

 

Do i have to add "stanby" and find an IP for all interfaces (inside and outside , inlcude interfaces on each context ....) ?  or only  on the failover interface Gig 0/5

 

regards

Highlighted

Hi

As far as i know, you have to add a standby address for all physical and logical interfaces.

Active asa in the cluster always assumes the interface address, and the passive one assumes the standby one.

I am no ASA expert, but these are basics :)

Highlighted

Thanks.

 

Do i have to do  under each context ?????

 

 

Highlighted

Yes.

You have to do it per interface in each context.

In the system context you allocate interfaces only.

Then in each context you have to add standby ip to each interface. I havent found the option to add standby in ASDM, i always use CLI.

It is probably a bit more difficult when adding an asa to the production, then deploying a HA cluster from the start. If your interface address is the first one in the subnet, use the last one for standby to avoid confusion and keep the config uniform. Hopefully you have done good with your ip plan, and reserved first few addresses for infrastructure :)

View solution in original post

Content for Community-Ad