Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
635
Views
0
Helpful
2
Replies

ASA failover design

johng231
Level 3
Level 3

‎08-06-2009 11:29 AM - edited ‎03-11-2019 09:03 AM

Hello Everyone,

We are replacing all of our PIX firewalls in our main data center with ASA 5550s. We have 7 pairs of the 5550s, what would be the best design scenario to setup the LAN/Stateful failover connection? The documentation states, you can have it plugged between each other or in a dedicated switch as long as there are no hosts, routers or security appliances on the same segment as the failover link.

We are thinking of having them plugged into a stack of 3750E switches, since we have the available ports on them. The primary firewall will plug into one of the switches in the stack and the secondary into the other switch in the stack with separate vlans for all of the pairs. Are there any issues with having them plugged into a cross stack?

Labels:
0 Helpful
2 Replies 2

srue
Level 7
Level 7

‎08-06-2009 06:48 PM

as long as the failover/stateful interfaces have network connectivity to each other, it's fine. i don't recommend connecting them directly with a crossover though be/c it results in unpredictable behavior if one goes down - then the other thinks it's failover interface is down also.

0 Helpful

SOL10
Level 1
Level 1
In response to srue

‎08-12-2009 02:49 AM

hi

the way our 5510's are set up is by putting the failover interfaces in their own vlan rather than connecting them together.

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card