Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1247
Views
4
Helpful
3
Replies

ASA Redundant Interface Triggers

Cody Ridge
Level 1
Level 1

‎12-13-2010 01:19 PM - edited ‎03-11-2019 12:21 PM

Hello,

I have a question about what will trigger a standby interface to become active in a redundant interface configuration on an ASA.

On my ASA5540, I have 2 physical Ethernet ports configured as a single redundant interface

The Active ASA physical port connects to a switchport on RouterA

The Standby ASA physical port connects to a switchport on RouterB

HSRP is configured between RouterA (active) and RouterB (standby)

What conditions on RouterA will trigger a failover of the ASA redundant interface thus making the Standby physical ASA port now Active?

Such As:

If there is a power failure on RouterA will the ASA interface failover?

If there is RouterA switchport failure on the connection to the ASA?

If any HSRP events on RouterA result in RouterB becoming Active?

Must the link status on RouterA change to a down state in order for the ASA interface to failover?

Thank you and please advise.

Labels:
0 Helpful
3 Replies 3

Maykol Rojas
Cisco Employee
Cisco Employee

‎12-13-2010 07:37 PM

Hello Cody,

Only a physical hardware issue (as far as I can remember and read over the documentation) will cause the interface to become Active/standby. Please remember that this interface should not be used as a mechanism of load balancing of any kind. HSRP (no like failover) has the ability to send traffic from both active and standby Unit, and even you can have one group active and one group as a standby on the same router....

But, in order to answer your question, only a shutdown or a hardware failure, unplug cable, will cause the interface to become ative/standby

Cheers

Mike

Mike

Cody Ridge
Level 1
Level 1
In response to Maykol Rojas

‎12-14-2010 08:52 AM

Thank you Mike,

I had interpreted the documentation the same way.

Just to be clear, when you refer to "only a shutdown or a hardware failure, unplug cable, will cause the interface to become active/standby",

am I correct in assuming you are referencing a hardware failure or other event on the ASA only?  So can I conclude that any hardware failure or HSRP event on the routers will NOT result in an Active redundant interface switching over to the Standby group member?

I only considered the redundant interface option for this project as an alternative to using one, or ideally two, managed switches to connect the routers and ASAs (ASAs are in Active/Standby)  Only one ISP and public address space is available.  Unless you can suggest otherwise, I cannot find a configuration that will allow for the interconnect of two routers and two ASAs without using switch(s).

Regards,

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to Cody Ridge

‎12-14-2010 09:15 AM

Hello,

Well, in case you plug the ASA and the router directly with no switch in between, and one of the interfaces (either router or ASA) fails, then the link on the interface will go down and of course it will trigger the redundant interface.

Hope it helps.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card