Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4706
Views
10
Helpful
1
Replies

Multiple Context ASA failover (Active/Standby) with a new purchase ASA

Go to solution
nitiwit.wa1
Level 1
Level 1

‎06-22-2018 01:03 AM - edited ‎02-21-2020 07:54 AM

Hello,

 

Now my customer uses 1 ASA with a multiple context mode (around 3 contexts, admin and 2 created by customers) and they purchased new ASA5545 for failover (Active/Standby)

 

My question is can I configure failover (Active/Standby) between active ASA and new purchased one that doesn't have any configuration? (The new one will be standby)

 

Do I need to change mode of new ASA to multiple context first? and create context equal to active ASA? Will a standby ASA replicate entire configuration from active ASA? 

 

Is there any configuration example cause I couldn't find it.

 

Thanks for your support !

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
johnlloyd_13
Level 9
Level 9

‎06-24-2018 10:44 PM - edited ‎06-24-2018 10:50 PM

hi,

you just need a minimum config on the new/secondary ASA 5545-X.

the config will be replicated from the primary FW afterwards.

note the default ASA security context is 2, so you have 1x 'admin' context by default and 2 customer contexts.

 

1) upgrade secondary FW to the same ASA and ASDM image

2) enable 'multiple mode'

3) unshut the 'failover' interface

4) configure the failover config.

 

see config sample below:

 

configure terminal
mode multiple        <<< ASA WILL BE REBOOTED

 

---


configure terminal
interface GigabitEthernet0/7
 no shutdown
failover lan unit secondary
failover key cisco123
failover lan interface FAILOVER GigabitEthernet0/7
failover interface ip FAILOVER 10.1.1.1 255.255.255.252 standby 10.1.1.2
failover

View solution in original post

1 Reply 1

Go to solution
johnlloyd_13
Level 9
Level 9

‎06-24-2018 10:44 PM - edited ‎06-24-2018 10:50 PM

hi,

you just need a minimum config on the new/secondary ASA 5545-X.

the config will be replicated from the primary FW afterwards.

note the default ASA security context is 2, so you have 1x 'admin' context by default and 2 customer contexts.

 

1) upgrade secondary FW to the same ASA and ASDM image

2) enable 'multiple mode'

3) unshut the 'failover' interface

4) configure the failover config.

 

see config sample below:

 

configure terminal
mode multiple        <<< ASA WILL BE REBOOTED

 

---


configure terminal
interface GigabitEthernet0/7
 no shutdown
failover lan unit secondary
failover key cisco123
failover lan interface FAILOVER GigabitEthernet0/7
failover interface ip FAILOVER 10.1.1.1 255.255.255.252 standby 10.1.1.2
failover

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card