cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1544
Views
5
Helpful
5
Replies

Failover on ASA by IP on different subnet?

John Blakley
VIP Alumni
VIP Alumni

I'll be configuring an ASA 5550 for a DR site. Is there a way that I can configure this 5550 to be a failover in case the primary in the main site goes down even though it's on a different subnet?

Thanks,

John

HTH, John *** Please rate all useful posts ***
1 Accepted Solution

Accepted Solutions

Jon Marshall
Hall of Fame
Hall of Fame

John

If you mean failover as in active/standby scenario then no you can't because for that to work the firewalls need to have L2 adjacency.

Jon

View solution in original post

5 Replies 5

Jon Marshall
Hall of Fame
Hall of Fame

John

If you mean failover as in active/standby scenario then no you can't because for that to work the firewalls need to have L2 adjacency.

Jon

Thanks :)

HTH, John *** Please rate all useful posts ***

Jon-

If they were in the same subnets could you? I have 10 gig between my datacenters. I think you can, my issue would be detecting what types of failover. Can you track for failover purposes? I can loose internet link, but the link stays up? Thanks for your help.

Jake

"If they were in the same subnets could you ?"

Yes you could although you would need to factor in the latency between the 2 sites and see if that would affect keepalive/state packets.

I don't believe the ASA support object tracking in the same way a router does.

Is your internet link terminated into a router then ?

Jon

The internet is at both sites with 7200s. I did see that the ASA can do ip sla tracking, but its only for default routes. Since these are going to be at different locations, I need to be able to track the inside route as well. Any guidance is appreciated.

Review Cisco Networking for a $25 gift card