I have these two brand spanking 5540's which would be configured in a HA design(Active/Standby)
The only bugger is this client has no spare IP's which can be used on the inside nor the outside.
Yes, all I have been given is two IP's(inside and outside)
I plan to use gig4 for command replication and monitoring
Yes, the design is such that these two new ASA's would be a second layer of security.
Now, is it absolutely necessary to have a secondary IP on the inside interface for the failover to occur or just a standby IP on the dedicated management interface is enough for the failover to happen?
Also, can someone let me know where ASA support interface tracking and punishing the active or standby device to give-up it's active state?
For a good desing ( Check the status of all the network interfaces) you do need it as failover is based on the exchange of hello packets between both the primary and secondary boxes.
Any other question.. Let me know.. Just remember to rate all of my answers.