Hello Experts -
I have Cisco ASA 5512 as a gateway appliance and an alternate router Cisco 2801. I need to use HSRP on ASA and on a router to work as a active stand-by. Primary gateway should always be ASA and if its inside interface attached with the switch gets down Cisco 2801 router starts acting as a gateway for my users. I just need fail over, I don't want load balancing. I have read that ASA does not support HSRP then suggest the fail over alternative in this case because I don't have two ASA for active and standby scenario.
Note : I need fail over between ASA firewall and a Cisco 2801 router. Diagram is attached for reference.
An ASA does not support HSRP in any manner.
You might be able to setup an ip sla operation on your user switch that flips the default route from the ASA to the router in the event that the internet becomes inaccessible via the ASA.
as Marvin said, and taking his point further more as you have 3850 switch you can create a SVI on that switch.
Thank you Marvin for your reply, As I mentioned 3850 switch is in layer 2 mode and it is not working as a Layer 3 to establish IP SLA. Please suggest alternate solution.
Instead of "hot" standby, make it "warm".
If the ASA fails, move the cables from it to the router.
There's no free lunch here or some magic way to make an ASA 5512-X be automagically and transparently backed up by an old 2801 router. There may also be features in use on the ASA that the router does not support.