Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
3
Replies

Failover with ASA

Daniel Espley
Level 1
Level 1

‎01-16-2013 08:03 AM - edited ‎03-07-2019 11:07 AM

Hi,


is it possible to configure a Cisco 881 router to split the incoming internet connection between two ASA's? If one ASA fails then the router would switch traffic over to the second ASA. The 2nd ASA would takeover from the primary ASA through the active/standby failover configuration and crossover cable. I'm trying to avoid configuring the switch to control the traffic using VLANS if possible. i have attached a diagram to show what im trying to achieve.


Thanks

Labels:
Preview file
15 KB
0 Helpful
3 Replies 3

Karsten Iwen
VIP
VIP

‎01-16-2013 08:45 AM

What you describe is the normal way the ASA works with failover. Both ASA-systems work as one logical unit. You only have one IP that you use as next hop on the neighoring devices.


Sent from Cisco Technical Support iPad App

0 Helpful

Daniel Espley
Level 1
Level 1
In response to Karsten Iwen

‎01-16-2013 08:53 AM

Ok but i cannot find anywhere that explains how to split internet connection from the router.  at present i have WAN on one port and LAN (ASA) on vlan 1

0 Helpful

Karsten Iwen
VIP
VIP
In response to Daniel Espley

‎01-16-2013 09:04 AM

You connect both ASAs on the build-in switch in the same VLan. Both outside ASA-interfaces have to belong to the same network.

That's all you need. The router needs to reach both ASAs in the same VLAN. There is nothing to configure a split of traffic. One ASA will be active with the primary IP. If the active ASA fails, then the second ASA will take over with the same IP.


Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card