cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2233
Views
5
Helpful
6
Replies

ASAv in Azure

Tim Glen
Cisco Employee
Cisco Employee

Hi All,

 

I have a need to deploy an HA pair of ASAv in Azure. 

I've read the Deploy ASAv on Azure Cloud document and I understand that the ASAv is required to have interfaces in four subnets, not including the Azure GatewaySubnet.   My Azure Virtual Network only has two subnets FrontEnd (web servers) and BackEnd (database & application servers). 

 

Am I really required to create two 'dummy' subnets in order to deploy this ASAv?

 

Thank you,

 

Tim

 

  

6 Replies 6

No, you don't need to create if you don't want to use them. The template
supports up to 4 interfaces in case you wan to use them.

Hi @Mohammed al Baqari,

Thanks for your reply.  

 

I don't want to assign 4 ASAv NICs to Azure Subnets. 

The template I'm using is "Create Cisco ASAv HA - BYOL".

 

When I get to the point where I assign Azure Subnets to the ASAv interfaces there is no way that I can see to move forward unless I assign an Azure Subnet to all four ASAv interfaces.  Please see the attached screenshot. 

 

Thanks

 

Tim

 

 

 

 

Ok I got your point. That is correct. Azure portal won't let you proceed
without filling the gaps.

In this case, you need to assign dummy subnet.

Thanks for the confirmation. 

 

Tim

 

 

I am currently attempting to deploy ASAv in Azure in existing resources (vnet, subnets, availability set, resource group.) I have downloaded a template from  Cisco-security ASAv TEmplate for Azure Deployment. The deployment validates but 38 seconds in, it fails when creating the NICs.

 

It states that the failure is due to referencing resources not found,  even though this same template worked for this Cisco expert on this YouTube explaining how to deploy ASAV in Azure using template

 

Is the resource order can be rearranged on this template to do the NICs last and how is that done in the JSON file?

 

 

 

 

 

 

I had the same issue with "resources not found" issue.  The only way I could get it to work is use existing subnet and/or create subnets as needed before deployment.

Review Cisco Networking for a $25 gift card