Showing results for 
Search instead for 
Did you mean: 

CISCO ASA555X with Firepower - Adding 2ndary ASA back into Active / standby cluster ?


Okay before our SF upgrade, we had 2 ASA 5555x's in active standby mode..

I then broke the failover config and removed the standby ASA, running on Primary only.

I upgraded the 2ndary ASA to latest release and added the SFR module etc

Installed the Firesight management center and got that up and running with the 2ndary ASA.

During our Maint window removed the primary ASA and re-installed the 2ndary back into prod running

the Firepower services..That has worked out well.

I now have the primary ASA in the lab and have installed it with the latest release as well as install

the SFR module etc etc.So its ready to go back into prod and reform the Failover cluster

So I have a few questions

1 - Is there anything special about readding the failover config to both firewalls again ? It was pretty simple first time around.

     Curious if any of that has changed now that they are both running SFR modules

2 - How do I add the 2nd ASA to the firesight center ? Is that as simple as adding a new device in FS center under the device settings ?

3 - Once the 2ndary ASA is added to FS center, is there anything I need to be aware of when syncing new policy changes for both firewalls. Does the active and 2ndary get the policy changes automatically ?

Just looking for the best way to get our 2ndary ASA back into Active Standby mode with the new Firepower services enabled and registed with FS center.

Any help would be appreciated.



0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers