Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
0
Helpful
1
Replies

ASA behind ASR design question

Christian Boesch
Level 1
Level 1

‎03-02-2016 12:01 PM - last edited on ‎03-25-2019 05:58 PM by Community Manager

Hi,

I have two ASAs in active/passive failover mode behind a pair of two ASR1001 edge router.

Therefore both ASAs need a link to both routers and in case of failover the IP moves to

the standby box. So to establish OSPF neighborship it needs on both ASRs two L2 trunk links I think to both ASAs. But on the ASR it's

not possible to create a interface vlan like on a Cat6500 or so.

With int gi0/1.<vlanid> and int gi0/2.<vlanid> it does not work because only one interface

can be assigned an IP in the same subnet. I also tried to establish a port channel from the ASR to the active and standby ASA but

that also does not seem to work.

Can anyone give me a hint how to do design that?

Many thanks,

Chris

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎03-02-2016 11:58 PM

You'll need a switch on which you can create a VLAN so you can have all four interfaces in the same layer 2 domain.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card