05-28-2019 06:15 AM
Cisco Adaptive Security Appliance Software Version 9.6(4)8
We're going to change the netmask on two interfaces on a ASA5585x Firewall.
These interfaces are critical for a system the runs behind these interfaces,
and these system cannot have any downtime or LoS.
So my question is, how much of an impact does the change of the netmask
have on these systems, will there be any downtime because of this?
The config i want to do is:
#interface Port-channel23.808
#ip address 172.31.28.1 255.255.252.0 standby 172.31.28.2
and
#interface Port-channel23.810
#ip address 172.31.24.1 255.255.252.0 standby 172.31.24.2
Will there be any loss of packets and/or sessions?
the ASA is in a HA-cluster.
Current config is:
interface Port-channel23.808
vlan 808
nameif eR-Tst
security-level 30
ip address 172.31.28.1 255.255.255.0 standby 172.31.28.2
ipv6 address 2001:67c:274:1309::1/64 standby 2001:67c:274:1309::2
ipv6 enable
ipv6 nd prefix 2001:67c:274:1309::/64 no-autoconfig
interface Port-channel23.810
vlan 810
nameif eR-Srv
security-level 40
ip address 172.31.24.1 255.255.255.0 standby 172.31.24.2
policy-route route-map rm-er-srv
ipv6 address 2001:67c:274:1313::1/64 standby 2001:67c:274:1313::2
ipv6 enable
ipv6 nd prefix 2001:67c:274:1313::/64 no-autoconfig
Thanks in advance if these is anyone who knows if there is a way to change
subnetmask without disrupting the network on an ASA5585 in a HA-cluster.
With Regards
Staffan Celind
05-28-2019 09:08 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide