Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
0
Helpful
2
Replies

Question of the concept of Active/Active Failover

netcraftjason
Level 1
Level 1

‎11-13-2006 05:57 PM - edited ‎03-09-2019 04:52 PM

Hi All,

I have read the 7.2(1) guide and picked up some knowledge about the AA FO. I would like to confirm some of my understanding, as the following:

1. AA on ASA7.0 is not functional as an actual load-balancing which network traffic are not being processed by two ASA simultaneously. The traffic is only passed to the ASA which is having the "Active" failover group. The two ASA are not holding one virtual IP as gateway for the network. Actually there are two Active/Standby failover group existing in the 2 units but Active role for each failover group can be act by each one of ASA.

2. VPN and dynamic routing protocol, multicast do not support in multi context mode.

Are the above concept right? Thanks!

Jason,

Best regards

Labels:
0 Helpful
2 Replies 2

Not applicable

‎11-14-2006 01:59 AM

0 Helpful

jkell
Level 1
Level 1

‎11-14-2006 07:29 AM

You are essentially correct, multiple context mode disables VPN and routing protocols.

The "active/active" is a misleading term because we are used to thinking in terms of a single context, and "active/standby" is the only way things worked prior to the ASAs.

Even *with* the ASAs, a given context ALWAYS runs in "active/standby" mode. A context NEVER has both peers in active mode.

When you have multiple contexts, they are still each running active/standby, but you can distribute the "active" sides to either ASA based on the failover group assignment.

0 Helpful
Customers Also Viewed These Support Documents