Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
413
Views
0
Helpful
6
Replies

ASA5520 active/standy hardware

Ge Qu
Level 1
Level 1

ā€Ž04-05-2017 09:31 AM - edited ā€Ž03-12-2019 02:10 AM

Hi,

I have a pair of ASA 5520 firewalls and have basically same hardware but when I do sh ver on each of them, I see one have 

Internal ATA Compact Flash, 512MB

and another one have 

Internal ATA Compact Flash, 256MB

I am not sure if this compact flash size difference will cause any issues for the failover pair and also what this Internal ATA Compact Flash actually does?

Thank you

Labels:
0 Helpful
6 Replies 6

Marvin Rhoads
Hall of Fame
Hall of Fame

ā€Ž04-05-2017 08:30 PM

An ASA HA failover pair may have different amounts of internal compact flash (CF).

The CF card is what you see as disk0. It is where the ASA image is most commonly loaded from. It is also the storage location for the configuration files (running and startup) and any images such as AnyConnect client packages.

When the CF size varies among units, Cisco advises as follows:

If you are using units with different flash memory sizes in your failover configuration, make sure the unit with the smaller flash memory has enough space to accommodate the software image files and the configuration files. If it does not, configuration synchronization from the unit with the larger flash memory to the unit with the smaller flash memory will fail.

Source: http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/ha_failover.html#85382

0 Helpful

Ge Qu
Level 1
Level 1
In response to Marvin Rhoads

ā€Ž04-10-2017 11:04 AM

Hi Marvin,

Thank you for your reply.

I am wondering how I can make sure the unit with the smaller flash memory has enough space to accommodate the software image files and the configuration files? what kind of test i need to do?

Thank you.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ge Qu

ā€Ž04-10-2017 07:11 PM

Just look at the working single unit and run the "dir" command. Compare the total size on disk to the available size on the potential secondary unit.

0 Helpful

johnlloyd_13
Level 9
Level 9
In response to Ge Qu

ā€Ž04-10-2017 11:08 PM

hi,

do you have extended or historical monitoring of memory (like Solarwinds) of the ASA with 256MB?

i think ASA 8.2 with 256MB should be fine.

alternatively, you should consider upgrading both units to at least 5525-X with identical HW and SW.

0 Helpful

johnlloyd_13
Level 9
Level 9

ā€Ž04-06-2017 12:13 AM

hi,

ideally, you want to run identical hardware and software.

what version you're running on the 5520 pair?

0 Helpful

Ge Qu
Level 1
Level 1
In response to johnlloyd_13

ā€Ž04-10-2017 11:05 AM

Hi,

I am running 8.2(4)1 on both of them.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card