Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
665
Views
0
Helpful
1
Replies

Need advice on connecting a failover pair of ASA's to a 3750x stack

dtochilovsky
Level 1
Level 1

‎11-14-2013 07:05 PM - edited ‎03-11-2019 08:05 PM

Hello,

I am designing to connect a failover pair of ASA's (active/standby) to a 3750x stack (L3 routing) of switches.

The 3750x stack will be the connection to the Internet.

Can I use this as the potential solution :

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_start.html#wp1336269

Attached is my proposed layout of  connectivity. The ASA's will be the gateway for all server traffic (  DMZ, App, DB, etc..), and the 3750's will server as L2 switches for all  server traffic, but will be the routers for Internet bound traffic. I  will be using a L3 SVI for the VLAN interface facing the Internet.

Any suggestions would be greatly appreciated.

Labels:
Preview file
15 KB
0 Helpful
1 Reply 1

daniel.dib
Level 7
Level 7

‎11-14-2013 10:57 PM

Your design looks reasonable to me. It's important to connect devices to different members of the stack like you did.

By looking at your diagram I'm not sure if you meant that each ASA has its own Portchannel or not. If you run active/standby scenario I believe you need one Portchannel per ASA.

Daniel Dib
CCIE #37149

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card