cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
460
Views
0
Helpful
6
Replies

HSRP on ASA

Hello Experts -

I have Cisco ASA 5512 as a gateway appliance and an alternate router Cisco 2801. I need to use HSRP on ASA and on a router to work as a active stand-by. Primary gateway should always be ASA and if its inside interface attached with the switch gets down Cisco 2801 router starts acting as a gateway for my users. I just need fail over, I don't want load balancing. I have read that ASA does not support HSRP then suggest the fail over alternative in this case because I don't have two ASA for active and standby scenario.

 

Note : I need fail over between ASA firewall and a Cisco 2801 router. Diagram is attached for reference.

HSRP.png

Everyone's tags (1)
6 REPLIES 6
Highlighted
Hall of Fame Guru

Re: HSRP on ASA

An ASA does not support HSRP in any manner.

 

You might be able to setup an ip sla operation on your user switch that flips the default route from the ASA to the router in the event that the internet becomes inaccessible via the ASA.

Highlighted

Re: HSRP on ASA

A switch is not using in layer 3 mode it is a layer 2 in which all users gateway has pointed to ASA. Is their any other solution?

Highlighted
VIP Collaborator

Re: HSRP on ASA

as Marvin said, and taking his point further more as you have 3850 switch you can create a SVI on that switch.

please do not forget to rate.
Highlighted

Re: HSRP on ASA

Thank you Marvin for your reply, As I mentioned 3850 switch is in layer 2 mode and it is not working as a Layer 3 to establish IP SLA. Please suggest alternate solution.

Highlighted
Hall of Fame Guru

Re: HSRP on ASA

Instead of "hot" standby, make it "warm".

 

If the ASA fails, move the cables from it to the router.

 

There's no free lunch here or some magic way to make an ASA 5512-X be automagically and transparently backed up by an old 2801 router. There may also be features in use on the ASA that the router does not support.

Highlighted

Re: HSRP on ASA

Hard fail over physically moving the cables has already been configured, Well thank you for the help.