Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
893
Views
5
Helpful
1
Replies

FTD HA failover scenario (No data interface monitored)

00u17
Level 1
Level 1

‎12-02-2021 10:58 PM

Hello Everyone,

 

I have a FTD pair in HA with active standby configuration. Both peer are connected to DC switches using VPC.

 

A direct failover and staelink is connected between both peers. We do not have any data interface monitored or standby ip configured on it. i.e. inside and ouside

 

1) If failover link and/or statelink disconnects in this case then what would happen? 

 

2) if data interfaces were also being monitored with standby ip and failover link and/or statelink fails then what would happen? 

0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎12-03-2021 01:29 AM 

1) If failover link and/or statelink disconnects in this case then what would happen?

They become the split brain. that means both become active. (then one should manually shut down to restore the services.

 

 

2) if data interfaces were also being monitored with standby ip and failover link and/or statelink fails then what would happen?

Good failure scenarios are explained below :

 

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212699-configure-ftd-high-availability-on-firep.html

https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/firepower_threat_defense_high_availability.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card