Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
678
Views
5
Helpful
3
Replies

Changing 1 GB modules to 10Gb modules on the ftd4110 failover pair

adidenko
Level 1
Level 1

‎12-22-2022 05:25 AM

Hello team
I need advice about the subject.
short description of our failover Active/standby cluster:
Physically we have two ftd4110 (one per data center site) and our network logically separated to three segments:
1. outside - acces to the internet
2. dmz - for the specify servers
3. inside - rest local network

Now we are faced with the task to change 1 GB modules to 10Gb modules on the ports which look into the outside segment.
Anybody know how to make it seamless or it impossible ?
And what will happen if we replace modules with 10Gb on the one hand, and on the other there will still be 1Gb modules?

failover will fall apart?

Best regards

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎12-22-2022 05:46 AM

Depends on how the connection to Switch.

personally i do below steps :

1. I replace on Standby side, so Active still able to pass the traffic.

2. Once standby working as expected.

3. Fail over from active to standby - check all working as expected.

4. replace on Active side 1GB to 10GB SFP and bring up the ports check the redundancy status ?

 

Note : if any link connected back to back - i expect to shutdown one side ( that is standby side completly and replace the SFP both the side and bringing back the standby unit is safe approach i think,)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

adidenko
Level 1
Level 1
In response to balaji.bandi

‎12-22-2022 06:44 AM

"1. I replace on Standby side, so Active still able to pass the traffic."
Are you sure? The main question - what happends with failover when on the Standby wil be 10Gb module and on the Active will still be 1Gb module? Because according the oficial doc - ports must be equal (numbers, types, speed and etc)

MHM Cisco World
VIP
VIP
In response to adidenko

‎12-22-2022 07:20 AM

Screenshot (160).png
I run lab and hope it help you to decide the right way 
the lab I config IN with different interface, and since the active will wr the config to standby, you can see that the interface IN make as no-link in both ASA HA, 
but if the traffic go to active (right config interface) the traffic is pass.
I ping from R2 to R1 and the traffic pass through the Active ASA-1 and you can see the ping is success. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card