I was just preparing to replace the primary ASA in an HA pair and could not find a solid answer to this question. I found that, indeed, the primary ASA started replicating it's blank config to the secondary as soon as I connected the LAN Failover cable. Here's the steps to keep this from happening: configure the primary for failover - failover lan unit primary failover lan interface LANFail GigabitEthernet0/2 failover replication http failover link stateful GigabitEthernet0/3 failover interface ip LANFail 172.16.100.1 255.255.255.0 standby 172.16.100.2 failover interface ip stateful 172.16.101.1 255.255.255.0 standby 172.16.101.2 Configure all interfaces with the primary IP (no standby needed at this point) 'no shut' on all active interfaces no failover active <------- (critical! Forces the primary to standby) connect lan failover cable (the only one needed at this point) Secondary will start replicating to primary. Once the replication is complete (show failover, ensure primary is "standby ready", you can connect the remaining cables and do a 'failover active' on the primary. Hope this helps others...
... View more
Hi Experts I heard about the capability that the AnyConnect 2.4.x is able to reconnect a previous DTLS session without re-entering the xauth credentials? Can any one tell me were this feature can be enabled on the ASA with 8.2.2 code? I'm looking as well for some related documents. Many thanks in advance. best regards Nico
... View more