Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1115
Views
0
Helpful
1
Replies

Firepower active passive - High availability of modules

brat33333
Level 1
Level 1

‎12-01-2017 05:11 AM - edited ‎02-21-2020 06:53 AM

There are 2 ACAs in active passive mode
I can not ensure the high availability of two firepower modules. He got both in Cisco Firepower Management. Accordingly, the traffic goes on one module, the other is in an error state: "Interface 'DataPlaneInterface0' is not receiving any pasquets." I think because of this does not allow to add a couple of interfaces.
Device management - Add high availability ... And there are no devices available for a couple.
Tell me how can I avoid this?
I want to end up with the fall of one of the ACA, in the transition to a secondary, the second module of firepower began to work.

Labels:
Preview file
73 KB
0 Helpful
1 Reply 1

Rahul Govindan
VIP Alumni
VIP Alumni

‎12-04-2017 07:41 AM

When you use ASA's with the Firepower module, there is no redundancy that can be configured for the modules on the FMC. Each Firepower module is configured and licensed separately. The ASA's are in active/passive deployment, so when then the active ASA fails, the standby takes over and passes through the Firepower modules as it normally would in the primary unit. During normal operation, no traffic flows through standby Firepower module, hence the message "Interface 'DataPlaneInterface0' is not receiving any packets."

The picture you have attached is for configuring HA for Firepower Threat Defense (FTD) devices. This is a different from the ASA+Firepower module. For FTD devices, you have to configure HA on the FMC.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card