06-24-2011 07:33 AM - edited 03-11-2019 01:50 PM
Hi,
I have ASA 5510 connected as shown in attached diagram.
Ideally when ASA 1 is active and if I boot Switch-1, ASA-2 shood take over. But that is not happening.
When I boot SW1 , ASA-2 shows "Failover LAN Interface: failover Ethernet0/0 (Failed - No Switchover)" and remains standby.
Failover works properly If ASA-1 boots.
Solved! Go to Solution.
06-27-2011 01:04 AM
Hi Shivaji,
Here's how to add a redundant interface:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1049334
Please read the guidelines for configuring redundant interfaces for failover.
Hope this helps!!
Regards,
Anu
P.S. Please mark this question as answered if it has been resolved. Do rate helpful posts.
06-24-2011 07:44 AM
Hi,
Can you provide the configuration for the failover on the devices???
Varun
06-24-2011 11:15 AM
Since the failover link is failing. You should restore the failover link as soon as possible because the unit cannot fail over to the standby unit while the failover link is down.
Here is a link to document which explains failover actions
06-25-2011 10:57 PM
Agreed,
But for ASA 2, failure of sw1 is as good as failure of ASA1, hence don't u think, ASA 2 should become active
06-26-2011 02:25 AM
Hi Shivaji,
Lets say that ASA1 is active and ASA2 is standby. If the sw1 goes down but the other data interfaces of both the devices are up, then the units can still hear each other through those. So, a failover will not happen, the standby will remain standby and traffic through the active will not be affected. This is why you see that behavior.
A switchover will happen if a number of data interfaces are down. This is decided based on interface monitoring tests. But then again, for failover to happen the failover link must be up and functioning well. As a side note, after the fix for the following bug, failover will happen even if the failover link is down:
Hope this is clear.
Regards,
Anu
P.S. Please mark this question as answered if it has been resolved. Do rate helpful posts.
06-27-2011 12:30 AM
Gr8...I found one doc which says the connectivity I have done is not recommened. We should have seperate switch for failover link.
Also the document says that, we can have two ASA's connecetd directly using cross cable with redundant faiover link.
But I dont knw how to configure the redundant fover link.
Document Link : http://www.cisco.com/en/US/partner/docs/security/asa/asa80/configuration/guide/failover.html
Do you have any idea on this?
06-27-2011 01:04 AM
Hi Shivaji,
Here's how to add a redundant interface:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1049334
Please read the guidelines for configuring redundant interfaces for failover.
Hope this helps!!
Regards,
Anu
P.S. Please mark this question as answered if it has been resolved. Do rate helpful posts.
06-27-2011 02:35 AM
Gr8...Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide