04-11-2011 03:02 AM - edited 02-21-2020 04:18 AM
Hi,
I try configure failover as per diagram, but it didn't work. Below is how i configure:
Primary:
int g0/0
ip address 192.168.50.5 255.255.255.0 standby 192.168.50.6
security-level 0
nameif public
no shut
exit
int g0/1
ip address 172.16.0.5 255.255.0.0 standby 172.16.0.6
security-level 100
nameif inside
no shut
exit
interface Management0/0
nameif management
security-level 100
ip address 192.168.80.1 255.255.255.0
management-only
no shut
exit
failover
failover lan unit primary
failover lan interface failover g0/3
failover key cisco
failover interface ip failover 192.168.100.1 255.255.255.0 standby 192.168.100.2
Secondary:
int g0/0
ip address 192.168.50.6 255.255.255.0
security-level 0
nameif public
no shut
exit
int g0/1
ip address 172.16.0.6 255.255.0.0
security-level 100
nameif inside
no shut
exit
interface Management0/0
nameif management
security-level 100
ip address 192.168.80.2 255.255.255.0
management-only
no shut
exit
failover
failover lan unit secondary
failover lan interface failover g0/3
failover key cisco
failover interface ip failover 192.168.100.1 255.255.255.0 standby 192.168.100.2
Is my configuration correct?
04-11-2011 05:21 AM
Hi Vincent,
The failover configuration on the primary is fine. But on the Secondary unit you just need the following commands:
int g0/0
no shut
int g0/1
no shut
failover lan unit secondary
failover lan interface failover g0/3
failover key cisco
failover interface ip failover 192.168.100.1 255.255.255.0 standby 192.168.100.2
failover
You need not assign Ip addresses to the interfaces on the secondary ASA. Once the failover is on the config is pushed by the Active unit to the standby unit. So once the primary ASA becomes active it will push the standby IP addresses to the interfaces of the standby unit. Do note that is it recommended that the 'failover' command should be issued after entering all the failover configuration . You can check the status of the failover by ' show failover' command. Enabling the logs will also help you isolate the issue.
Hope this helps!
Regard,
Som
P.S.: Please mark the question resolved if it has been answered. Do rate helpful posts. Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide