cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1920
Views
5
Helpful
2
Replies

NGIPS high availability

manvik
Level 3
Level 3

hi guys,

slight confusion on Cisco NGIPS high availability and clustering.

  1. My devices are Firepower 4125 with fxos and planning to run FTD on it.
  2. Total 4 devices - 2 in DC and 2 in DR
  3. Can i do Active-Passive failover with devices
  4. some documentations mentioned, HA not possible for NGIPS devices only clustering. Is that truuuuuuuue?
  5. How many devices can be added to cluster?
  6. Is it like FXOS can be clustered, but not FTD ???

 

Can someone please help in sorting out the confusions.

 

2 Replies 2

Muhammad Awais Khan
Cisco Employee
Cisco Employee

Hi,

 

You can configure Active/Standby Failover with your 4125. The document mentioned that HA is not supported when you configured clustering but without clustering you can configure active/standby Failover.

 

Configuraiton guide 6.5 for active/standby failover:

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/high_availability_for_firepower_threat_defense.html

 

 

But if you want to have clustering or active/active you can still do that. Firepower 4100 series—Supported for up to 6 units using inter-chassis clustering. 

 

So to answer your question, FTD supports active/standby configuraiton and clustering also but both cannot be mixed.

just to add to my prevous response, within the clustering there is HA support in a way that both appliances interfaces are active and if one went down other device's link will remain active

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: