You should remove all other configuration from the interface, if any has been entered. For clarity, add a description to the interface (STATE Failover Interface). Choose one of its free interfaces so that it can be used for synchronizing with the Cisco ASA #2 device. Choose the synchronization interfaceĬonnect to your first Cisco ASA device, that we will call Cisco ASA #1. If you have different versions of IOS installed, upgrade it on one of the devices.
Use the “ sh ver” command for that FW-DELTACONFIG-1# sh verĬisco Adaptive Security Appliance Software Version 9.4(2)6 When configuring failover, the order in which you enter the configuration commands, as well as the order in which you connect two Cisco ASA devices together, is more important than the configuration itself.īefore you begin to connect and configure your Cisco ASA devices, make sure that the IOS versions on both ASA are identical and supports the failover mode. There are exceptions to these rules, but I am deliberately not mentioning them in this article, so that the possible problems with the configuration can be brought to a minimum. – failover WILL NOT work if your Cisco ASA is configured to connect to the ISP through PPPoE protocol – both devices need to have the same IOS image installed, for example 9.4(2)6 – In order to create a Cisco ASA failover cluster, you need to have two devices of the exact same model, for example Cisco ASA 5515X
– Of the two Cisco ASA devices that have been combined into a cluster and configured to work in the failover mode, only one (!) device will be active and forward traffic. Before getting into the configuration details of Cisco ASA backup scheme (called failover), I would like to point out a few rules regarding the technology itself:
0 kommentar(er)
