09-10-2012 09:29 PM - edited 02-21-2020 04:44 AM
hey folks,
I have these two brand spanking 5540's which would be configured in a HA design(Active/Standby)
The only bugger is this client has no spare IP's which can be used on the inside nor the outside.
Yes, all I have been given is two IP's(inside and outside)
I plan to use gig4 for command replication and monitoring
Yes, the design is such that these two new ASA's would be a second layer of security.
Now, is it absolutely necessary to have a secondary IP on the inside interface for the failover to occur or just a standby IP on the dedicated management interface is enough for the failover to happen?
Also, can someone let me know where ASA support interface tracking and punishing the active or standby device to give-up it's active state?
thanks.
09-10-2012 10:43 PM
i mean standby ip and not a secondary ip
09-12-2012 03:24 PM
Hello Mikull,
For a good desing ( Check the status of all the network interfaces) you do need it as failover is based on the exchange of hello packets between both the primary and secondary boxes.
Any other question.. Let me know.. Just remember to rate all of my answers.
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide