01-12-2024 01:20 AM
Hello!
Which command I can understand if two Cisco ASA are configured at Active/Active or Active/Standby?
Thanks in advance.
Solved! Go to Solution.
01-12-2024 02:20 AM - edited 01-12-2024 02:27 AM
@diogopxo if you are using Active/Active you'd be running in multi-context mode, which would mean you had multiple different firewalls managed separately. Console on to the ASA and run "show context", if you are running in multi-context mode it will display all the configured contexts. Or just SSH to one of the firewalls and run "show context" and it will display that context. If you don't have any contexts then you aren't running Active/Active, then run "show failover" to confirm you are running Active/Standby.
01-12-2024 02:20 AM - edited 01-12-2024 02:27 AM
@diogopxo if you are using Active/Active you'd be running in multi-context mode, which would mean you had multiple different firewalls managed separately. Console on to the ASA and run "show context", if you are running in multi-context mode it will display all the configured contexts. Or just SSH to one of the firewalls and run "show context" and it will display that context. If you don't have any contexts then you aren't running Active/Active, then run "show failover" to confirm you are running Active/Standby.
01-12-2024 02:20 AM - edited 01-12-2024 02:24 AM
Show failover in both fw
Check status
If you dont config multi context and you see both fw status active that issue called split brain
If you config multi context and you see both fw status active FOR one group that also issue.
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide