Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
976
Views
0
Helpful
2
Replies

ASA5500 changing the failover IP addresses

Go to solution
David.Pellat
Level 1
Level 1

‎08-23-2011 04:44 PM - edited ‎03-11-2019 02:16 PM

Hi,

What is the process for changing the IP addresses on a pair of ASA 5510's that are running as an Active/standby scenario.

Would it be the correct process to connect to the inside address of the standby unit, disable failover, change the address, save the config:

Standby Unit:

===========

no failover

failover interface ip Failover 172.30.254.225 255.255.255.252 standby 172.30.254.226

Primary Unit

==========

failover interface ip Failover 172.30.254.225 255.255.255.252 standby 172.30.254.226
 
 Standby Unit
 =============
 failover

I cannot find a doco that details changing the addresses whilst in production.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎08-23-2011 06:00 PM

You are completely right, there is no document for this, here is what I would do...

-Disconnect the cables on the Secondary Unit

-Disable failover on the primary Unit

-Via console on the secondary unit... Clear all the config and put the new failover commands including the New IP

-On the primary Unit change the failover IP with that command you highlighted.

-Once the primary has all the configuration and the secondary only the failover commands...connect the failover cable of the secondary unit only (Since the other interfaces are down, it wont try to become active if he is not able to find the primary Unit.

-Once connected, enable failover on the priamry and on the secondary

-Once the configuration is replicated and the primary unit looks active and the secondary as failed... connect the rest of the cables...

That way you wont loose internet connectivity... and I think is the safest way to do it.

Mike

Mike

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎08-23-2011 06:00 PM

You are completely right, there is no document for this, here is what I would do...

-Disconnect the cables on the Secondary Unit

-Disable failover on the primary Unit

-Via console on the secondary unit... Clear all the config and put the new failover commands including the New IP

-On the primary Unit change the failover IP with that command you highlighted.

-Once the primary has all the configuration and the secondary only the failover commands...connect the failover cable of the secondary unit only (Since the other interfaces are down, it wont try to become active if he is not able to find the primary Unit.

-Once connected, enable failover on the priamry and on the secondary

-Once the configuration is replicated and the primary unit looks active and the secondary as failed... connect the rest of the cables...

That way you wont loose internet connectivity... and I think is the safest way to do it.

Mike

Mike
0 Helpful

Go to solution
David.Pellat
Level 1
Level 1
In response to Maykol Rojas

‎09-13-2011 06:58 PM

Many thanks

Success!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card