03-07-2018 12:13 AM - edited 02-21-2020 07:29 AM
Hi community,
please help with following question.
I have a 5510 ASA in standalone mode, but going to change it to failover. I have another ASA, but with security context support, ASA 5510sc. Is this a restriction for failover connectivity? As I can see at cisco.com page for failover, "The two units in a failover configuration must have the same hardware configuration. They must be the same model, have the same number and types of interfaces, and the same amount of RAM." So my devices have absolutely the same hardware parameters:
Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
But license features are different (on the second one I see more security context than on the first one, more VLANs and VPN peers available as well)
Is this a restriction to build a failover, or it is just a software missmatch and theese devices can be connected in failover?
03-07-2018 12:49 AM
03-07-2018 01:04 AM
Thanks for reply. By the way, how can I change a license for ASA with security context? Should I by a new one, or it is a downgrade available with my current license?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide