failover using management interface on asa

sebastan_bach · ‎06-12-2007

hi all i am trying to setup asa failover using the management interface.

asa1

int e0/0

nameif inside

ip add 10.1.1.1 255.255.255.0 standy 10.1.1.2

no sh

int e0/1

nameif outside

ip add 1.1.1.1 255.255.255.0 standy 1.1.1.2

no sh

int m0/0

no sh

no management-only

int m0/0.1

no sh

vlan 30

no management-only

failover

failover lan unit primary

failover lan interface failover m0/0.1

failover interface ip failover 172.16.1.1 255.255.255.0 standby 172.16.1.2

failover key cisco

failover link failover m0/0.1

asa2

int m0/0

no sh

no management-only

int m0/0.1

no sh

vlan 30

no management-only

failover

failover lan unit secondary

failover lan interface failover m0/0.1

failover interface ip failover 172.16.1.1 255.255.255.0 standby 172.16.1.2

failover key cisco

failover link failover m0/0.1

the asa 's are not getting failover messages from each other.

no response from mate

finally both the asa's are becoming active.

is failover not suppose to run on the management interface even if i have made it a data interface and using it dedicately for failover.

can someone pls help me on this.,

waiting for reply.

regards

sebastan

jaffer_sathik2010 · ‎06-13-2007

Hi sebastan,

Management interface should not be used for the failover feature.

Infact, It will not allow the traffic to pass through it. we can use this interface for managing the device over the network.

Use any dedicated ethernet port.

Hope it helps.

--Jaffer

ciscoforumuser · ‎06-14-2007

We are using management interface as failover link and it's working fine. The only thing is that it's only 100MB connection comapre to all GIG interfaces.