Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
854
Views
0
Helpful
1
Replies

Cluster ASA configuration without the failover cable

blackswans
Level 1
Level 1

‎04-29-2010 10:58 AM - edited ‎03-11-2019 10:39 AM

1.How can I make two firewalls cluster without the failover cable. I need to do failover from the inside. Is there any example configuration?

2.Which ports does the ipsec site-to-site vpn configuration use between two asa firewalls?

Regards....

Labels:
0 Helpful
1 Reply 1

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎04-29-2010 11:04 AM

Hi,

On the ASA there's no need for a failover cable anymore (like PIXes)

You should use a dedicated Ethernet interface for failover communication between both ASAs.

Optionally, if you enable stateful failover, can use another or the same interface.

It is recommended to be the highest-speed interface on the device.

Take a look:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_overview.html

Normally, an IPsec L2L tunnel will use both E0 (outside) interfaces on the ASA.

Federico.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card