Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
548
Views
0
Helpful
2
Replies

Redundant interface on transparent mode

Go to solution
kohsei.kadohno
Level 1
Level 1

‎10-06-2010 07:50 PM - edited ‎03-11-2019 11:51 AM

Hello,

I have a question about transparent mode firewall by ASA5510.

I want to connect 3 circuit as inside and primary / backup outside.

====

interface Ethernet0/0

   nameif inside

   security-level 100

interface redundant 1

  member-interface Ethernet 0/1
  member-interface Ethernet 0/2
  nameif outside

  security-level 0

====

But I could not find the command in several document that forces the active when the interface becomes available (like preempt command).

Can ASA5510 force the active interface?

Best Regards,

Kohsei,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nagaraja Thanthry
Cisco Employee
Cisco Employee

‎10-06-2010 08:13 PM

Hello,

If I understand you correct, you have connected Ethernet 0/1 to one ISP and Ethernet 0/2 to another ISP. Unfortunately, the Redundant interface configuration is not intended to support such scenario. When the second interface takes over the active role, it will stay active until it goes down. The Redundant interface feature is introduced to increase the reliability of the ASA connections. If my above assumption is correct, I guess the best option would be to use a hub/switch between the ISP devices and the ASA.

Hope this helps.

Regards,

NT

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Nagaraja Thanthry
Cisco Employee
Cisco Employee

‎10-06-2010 08:13 PM

Hello,

If I understand you correct, you have connected Ethernet 0/1 to one ISP and Ethernet 0/2 to another ISP. Unfortunately, the Redundant interface configuration is not intended to support such scenario. When the second interface takes over the active role, it will stay active until it goes down. The Redundant interface feature is introduced to increase the reliability of the ASA connections. If my above assumption is correct, I guess the best option would be to use a hub/switch between the ISP devices and the ASA.

Hope this helps.

Regards,

NT

0 Helpful

Go to solution
kohsei.kadohno
Level 1
Level 1
In response to Nagaraja Thanthry

‎10-06-2010 08:46 PM

Thanks a lot for the quick reply.

Yes, there are two ISPs in outside area, and these CE routers are configured same network segment on LAN side.

I will recommend other design for client.

Thanks again,

Kohsei,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card