Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
562
Views
0
Helpful
2
Replies

Cisco ASA failover active/standby

Go to solution
mohamedjasren
Level 1
Level 1

‎02-06-2014 12:57 AM - edited ‎03-11-2019 08:41 PM

Hi all,

need to ask about implemanting Cisco ASA failover Active/Standby

my question are

1) need to run ASDM on both active/standby same version?? lets say 6.4.5

2) failover link need to used crossover cable?

3) IPS ver need to be same on active/standby

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎02-06-2014 01:45 AM 

1) need to run ASDM on both active/standby same version?? lets say 6.4.5

Yes, this is because the configuration of the Active ASA is copied to the standby ASA.  In the configuration are the settings of which ASDM image to use, so if you have a different ASDM image installed on the standby than the one that is defined in the configuration, the standby ASA will not know where to launch the ASDM from.

2) failover link need to used crossover cable?

No, The default auto negotiation on ASAs use auto MDI/MDIX 

3) IPS ver need to be same on active/standby

Yes and no.  IPS settings do not replicate so you need to manually configure each IPS.  Ofcourse it is recommended to use the same on both.

--
Please remember to rate and select a correct answer

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marius Gunnerud
VIP
VIP

‎02-06-2014 01:45 AM 

1) need to run ASDM on both active/standby same version?? lets say 6.4.5

Yes, this is because the configuration of the Active ASA is copied to the standby ASA.  In the configuration are the settings of which ASDM image to use, so if you have a different ASDM image installed on the standby than the one that is defined in the configuration, the standby ASA will not know where to launch the ASDM from.

2) failover link need to used crossover cable?

No, The default auto negotiation on ASAs use auto MDI/MDIX 

3) IPS ver need to be same on active/standby

Yes and no.  IPS settings do not replicate so you need to manually configure each IPS.  Ofcourse it is recommended to use the same on both.

--
Please remember to rate and select a correct answer

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
mohamedjasren
Level 1
Level 1
In response to Marius Gunnerud

‎02-12-2014 05:07 PM

Hi Marius Gunnerud,

by the way thanks. another questions. my current running unit is 8.0(4) and ASDM 6.3(3). can i know, where to download ASDM ver 6.3(3) for ASA 5510 except another method is copy flash tftp. i try cisco download but dont have this model.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card