Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1439
Views
4
Helpful
1
Replies

ASA Failover Connection

Cody Ridge
Level 1
Level 1

‎03-22-2011 08:27 AM - edited ‎03-11-2019 01:10 PM

Hello,

I have two ASA devices I am configuring for stateful, LAN based failover.

One of the gigabitethernet interfaces on each ASA will be used for failover

Both LAN failover data and stateful data streams will pass on the same gig interface

The ASA gig failover interfaces will be connected with a switch

I have read that it is best practice to use a switch as opposed to a crossover cable.  However, this raises a couple of questions.

Should the switch ports support gigabit speed to match the ASA gigabit interfaces?  Or is it fine for the switch ports to be FE?

What if the switch connecting the ASA failover interfaces fails? 

Will each ASA assume the other ASA has failed since failover data cannot be sent? 

Will each ASA attempt to become Primary Active?

Thank you,

Labels:
0 Helpful
1 Reply 1

nileshrathi_18
Level 1
Level 1

‎03-22-2011 08:40 AM

Hi Cody,

to be honest i am not an Security expert but will answer your questions from my experience.

It is not necessary to use gigabit switchports to connect the ASA. You can get them working by modifying the speed settings.

If the switch connecting the failover interfaces fails then each ASA will assume itself to be the active ASA while the active ASA is still active because it think that the active ASA is no longer reachable(because it assumes the active ASA to be dead)

Thats the reason if both the ASAs are located at the same colocation area, it is best to use a cross-over cable to connect them.

Hope these answer your questions. Please rate the solution if you find it helpful.

Regards,

Nilesh

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card