cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3614
Views
0
Helpful
2
Replies

HA between a Cisco ASA 5520 and a Cisco ASA 5525-X

Hi all!

we have a couple of Cisco ASA 5520 running 8.4(3) software, and we want to improve throughput changing them with a couple of Cisco ASA 5525-X. Since software is theorically compatible, we are not going to upgrade it right now.

We don't want to stop service, so we are thinking about switching off backup 5520 firewall, change it with a 5525-X and balance service to that one while we change the other 5520 fw. So the question is, has someone tried to make an active-pasive cluster with both technologies, Cisco ASA an Cisco ASA-X firewalls? We were said that it should be theorically compatible, but we'd like to know if someone tried before.

Best regards for all,

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Guru

Re: HA between a Cisco ASA 5520 and a Cisco ASA 5525-X

You cannot make a 5520 establish failover with the mate being a 5525-X.

1. The configuration guide (here) states:

The two units in a failover configuration must be the same model, have the same number and types of interfaces, the same SSMs installed (if any), and the same RAM installed.

2. A 5525-X requires 8.6 software. 8.6 does not support non-X series ASAs. (Reference) Even if you wait until 9.0 is available (next month) for both you still fail on the model and RAM (X series has much more than the 5520) checks noted above.

View solution in original post

2 REPLIES 2
Highlighted
Hall of Fame Guru

Re: HA between a Cisco ASA 5520 and a Cisco ASA 5525-X

You cannot make a 5520 establish failover with the mate being a 5525-X.

1. The configuration guide (here) states:

The two units in a failover configuration must be the same model, have the same number and types of interfaces, the same SSMs installed (if any), and the same RAM installed.

2. A 5525-X requires 8.6 software. 8.6 does not support non-X series ASAs. (Reference) Even if you wait until 9.0 is available (next month) for both you still fail on the model and RAM (X series has much more than the 5520) checks noted above.

View solution in original post

Highlighted

HA between a Cisco ASA 5520 and a Cisco ASA 5525-X

Thank you, Marvin. Loud and clear.