10-22-2012 09:09 AM - edited 03-11-2019 05:12 PM
Dear Cisco
I have two 5505 ASA. I would like to know can I make two 5505 failover reduntant with active standby setup?
Regards
Alan.
Solved! Go to Solution.
10-23-2012 02:55 AM
10-22-2012 10:27 AM
Hello Alan,
http://secret-epedemiology-statistic.org.ua/1587052091/ch11lev1sec3.html
Hope I could help
10-23-2012 12:47 AM
Thx, but I would like to know that is Cisco 5505 model support active standby failover reduntant configuration?
Thank you.
10-23-2012 01:28 AM
Alan,
Unfortunately the 5505 does not support failover, you will need the 5510 Security Plus at least for this feature:
http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html
10-23-2012 01:55 AM
Hi Alan,
If you have this 5505, and no budget to buy another 2 ASAs, you can do the failover, but on switch/router level that before the firewall, and use track option.
Note:
1-if you have one public ip, then it will be more difficult, as you will need to make it in another router then to the firewall.
2- if you add any configuration to the primary firewall, you have to do the same on the secondary firewall manually.
Regards,
MKD
10-23-2012 02:13 AM
Dear MKD
I have 2 5505 ASA, do you think is support 2 x 5505 reduntant failover with active standby setup? I have experienced to setup two 5510 failover reduntant, but I do not know Cisco 5505 support failover reduntant setup or not?
Best regards
Alan.
10-23-2012 02:18 AM
Hi Alan,
Normal way no.
What i gave you in work around way.
Plz rate if this help.
Regards,
MKD
10-23-2012 02:24 AM
thank you very much MKD
I have already using 5505 with dual ISP backup. I just want to make sure I can or cannot use 2 5505 to build failover reduntant. Now, I know and confirmed I CANNOT use 2 5505 to build active standby redundant failover. Thank you very much.
10-23-2012 02:29 AM
As i said, you can not do failover on 5505 as ASA configuration.
BUT, you can simulate the failover by doing the setting/config on the switch level, since you have 2 ISP, it will be possible to do that.
Make the default route to the secondary firewall with tracking, then make another default route with distance 10 to the secondary firewall.
this will solve your porblem.
Plz rate this if its help.
Regards,
MKD
10-23-2012 02:33 AM
hello MKD
one again. So 5505 can or CANNOT do failover with active standby configuration?
Alan
10-23-2012 02:55 AM
Alan,
They CANNOT. Please refer to the link I posted above
Tim
10-23-2012 09:21 AM
Hello Alan,
Actually it can do failover but not stateful failover. That is the only difference. And of course you need to have a license for that
http://linuxsysadminblog.com/2009/02/cisco-asa-5505-activestandby-failover-configuration/
http://serg0.blogspot.com/2012/01/cisco-asa-5505-failover.html
Remember to rate all of the helpful posts
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide