Re: Cisco asa multi context failover mode

amsrus · ‎07-11-2018

Hello all.

Could you answer me for one questions please . I have Cisco ASA 5525-x in multiple context mode whit three working contexts. Recently we have bought another one Cisco ASA 5525. Now, сan't decide which solutions will be to meet our requirements Active/Active or Active/Standby failover:

1) Failover for my existing Cisco ASA

2) I have three virtual context and i see that cpu load is equal 60%. I'd like to reduce CPU load trough new ASA.

If i choose Active/Standby, can i make load balansing beetwen my context? For example, for some context i make Primery one node, for another context i make Primery another node.

mbilgrav · ‎07-11-2018

In Active/Active, this is what you actually do: Make different contexts primary-active on different ASA's.
CAUTION - BE VERY CAREFULL ! - you will eventually end up in a hugely oversubscribed scenario, so in a failover situation, you will not be able to handle full load on just one ASA.
Given the extra complexity in Active/Active, this is along with the oversubscription argument to simply use Active/standby.
In your question you say your box is running 60% CPU - I would suggest you look into that first.

balaji.bandi · ‎07-11-2018

You can make Active / Active in the multi context

Like

ASA1 for context 1 active

ASA2 context 1 standby

ASA1 for context 2 standy

ASA2 context 2 active

To achieve this, your hardware should be same and same OS running on both FW

looks like you have 1 X and another normal, please check before you implementing.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help