04-05-2017 09:31 AM - edited 03-12-2019 02:10 AM
Hi,
I have a pair of ASA 5520 firewalls and have basically same hardware but when I do sh ver on each of them, I see one have
Internal ATA Compact Flash, 512MB
and another one have
Internal ATA Compact Flash, 256MB
I am not sure if this compact flash size difference will cause any issues for the failover pair and also what this Internal ATA Compact Flash actually does?
Thank you
04-05-2017 08:30 PM
An ASA HA failover pair may have different amounts of internal compact flash (CF).
The CF card is what you see as disk0. It is where the ASA image is most commonly loaded from. It is also the storage location for the configuration files (running and startup) and any images such as AnyConnect client packages.
When the CF size varies among units, Cisco advises as follows:
If you are using units with different flash memory sizes in your failover configuration, make sure the unit with the smaller flash memory has enough space to accommodate the software image files and the configuration files. If it does not, configuration synchronization from the unit with the larger flash memory to the unit with the smaller flash memory will fail.
Source: http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/ha_failover.html#85382
04-10-2017 11:04 AM
Hi Marvin,
Thank you for your reply.
I am wondering how I can make sure the unit with the smaller flash memory has enough space to accommodate the software image files and the configuration files? what kind of test i need to do?
Thank you.
04-10-2017 07:11 PM
Just look at the working single unit and run the "dir" command. Compare the total size on disk to the available size on the potential secondary unit.
04-10-2017 11:08 PM
hi,
do you have extended or historical monitoring of memory (like Solarwinds) of the ASA with 256MB?
i think ASA 8.2 with 256MB should be fine.
alternatively, you should consider upgrading both units to at least 5525-X with identical HW and SW.
04-06-2017 12:13 AM
hi,
ideally, you want to run identical hardware and software.
what version you're running on the 5520 pair?
04-10-2017 11:05 AM
Hi,
I am running 8.2(4)1 on both of them.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide