Solved: Cisco ASA 8.4 Failover Active/Standby using anyconnect with local CA

alexdelangel · ‎05-18-2015

Hi Friend´s

I hope you are doing well! I´ve got a question, hope you can help me. I´ve got an ASA 5550 with version 8.4(6), it´s concentrating anyconnect Remote Access VPN authenticating via certificate generated locally in ASA. We´ve got another 5550 with same hardware and same version and we are interested about setup Failover. I´ve heard from another network engineers that it´s not possible to setup Failover when the ASA is doing local CA. Then I´ve read the complete failover user guide for version 8.4(6) and I didn´t find any restrictions about failover and local CA working together. I´m testing on the next weekend, but I would like to know from your experience if I will have issues about the VPN connections or the setup of failover.

Please, feel free to request as much information as needed. Any comment and documentation will be appreciated.

Best Regards!

Karsten Iwen · ‎05-18-2015

This is from the documentation:

Does not support Active/Active or Active/Standby failover

And in addition to that, ASDM only shows "Local CA cannot be configured when failover is enabled".

View solution in original post

Karsten Iwen · ‎05-18-2015

This is from the documentation:

Does not support Active/Active or Active/Standby failover

And in addition to that, ASDM only shows "Local CA cannot be configured when failover is enabled".

alexdelangel · ‎05-18-2015

Hi Karsten,

Thank you so much for the answer. It would be a shame me to got the maintenance window with bad results.

Best Regards!