02-13-2013 02:41 AM - edited 03-11-2019 06:00 PM
Hello
I have 2 FW ASA 5520 and i would like to connect each asa in cisco access switch then to configure a failover active standby and noted there is not a redundancy switch (hsrp not configured) ,its possible to do that ?
thanks
02-13-2013 03:06 AM
Surely it's possible. Redundant interfaces of each asa should be on the same l2 segment. HSRP is not related here.
02-13-2013 03:16 AM
Thanks for your reply and i want to know the difference between licences contains Active/Active and licences Active/Standby
and the steps to activate it in the two scenario
Regards
02-13-2013 03:18 AM
Hi,
I'm not sure if I understood the question correctly but I will try to answer.
It all comes down to how far you want or can take the redundancy of your network.
Nothing stops you from using a ASA Failover pair with only one switch. You could have the ASA Failover pair but not use redundant switches/routers but naturally the only thing that could withstand a device failure or other similiar problem would be the ASAs. If a switch or router broke the ASA Failover pair wouldnt help you much.
On the other hand you could have Failover ASAs and redundant switches and still for example your Internet connection/router failing would still mean that nothing works (Other than the LAN ofcourse)
And also you could have Failover ASAs, redundant core routers/L3 switches and redundant Internet router/L3 switch with dual ISP or dual WAN connections from same ISP. Even then there might be possible that some single failing device might cause problems.
The typical Failover setup we do would probably be something like this
- Jouni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide