Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

How to design ASA 5510 Failover for Process Control Network?

Matthew Scheele
Level 1
Level 1

‎03-20-2013 01:57 PM - edited ‎03-11-2019 06:17 PM

I'm currently working on setting up 2 ASA 5510's with redundancy/failover. I'm not an expert when it comes to the ASA's so I'm not 100% sure if I can do what I need to.

I have 2 inside networks that need to remain separate, a DMZ network,and an outside network. Since each network connects via ethernet to one of the 4 ethernet ports on the ASA 5510's, all 4 ethernet ports on the ASA 5510 will be in use. If I wanted to setup one firewall as Active and the other as standby, how would I go about doing that? Do I need a direct ethernet connection between the 2 firewalls to use something such as HSRP? Or would the Standby firewall be able to tell if the Active firewall is OK since they would both be connected on each of their interfaces to the same networks?

Thanks!                 

Labels:
0 Helpful
1 Reply 1

patrick.preuss
Level 1
Level 1

‎03-20-2013 02:36 PM

Hi

First asa's dont speak hsrp they use their own protocol.
If you Infrastructure supports vlans you can move one Interface to a tagged sub Interface and use the Free physical for Cluster Sync. As far as i remember the Sync must be on a dedicated Interface.

Hth Patrick


Sent from Cisco Technical Support iPhone App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card