Configuring Active/Active Failover - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Configuring Failover
4.
Use the show interface command to display the MAC address used by an interface.
Configuring Active/Active Failover
This section describes how to configure Active/Active failover.
Note
Active/Active failover is not available on the ASA 5505 series adaptive security appliance.
This section includes the following topics:
•
•
•
•
Prerequisites
Before you begin, verify the following:
•
•
Configuring Cable-Based Active/Active Failover (PIX security appliance)
Follow these steps to configure Active/Active failover using a serial cable as the failover link. The
commands in this task are entered on the primary unit in the failover pair. The primary unit is the unit
that has the end of the cable labeled "Primary" plugged into it. For devices in multiple context mode, the
commands are entered in the system execution space unless otherwise noted.
You do not need to bootstrap the secondary unit in the failover pair when you use cable-based failover.
Leave the secondary unit powered off until instructed to power it on.
Cable-based failover is only available on the PIX 500 series security appliance.
To configure cable-based, Active/Active failover, perform the following steps:
Connect the failover cable to the PIX 500 series security appliances. Make sure that you attach the end
Step 1
of the cable marked "Primary" to the unit you use as the primary unit, and that you attach the end of the
cable marked "Secondary" to the unit you use as the secondary unit.
Power on the primary unit.
Step 2
If you have not done so already, configure the active and standby IP addresses for each data interface
Step 3
(routed mode), for the management IP address (transparent mode), or for the management-only
interface. The standby IP address is used on the security appliance that is currently the standby unit. It
must be in the same subnet as the active IP address.
You must configure the interface addresses from within each context. Use the changeto context
command to switch between contexts. The command prompt changes to
hostname/context(config-if)#
management IP address for each context in transparent firewall multiple context mode.
Cisco Security Appliance Command Line Configuration Guide
14-26
The burned-in MAC address.
Prerequisites, page 14-26
Configuring Cable-Based Active/Active Failover (PIX security appliance), page 14-26
Configuring LAN-Based Active/Active Failover, page 14-28
Configuring Optional Active/Active Failover Settings, page 14-32
Both units have the same hardware, software configuration, and proper license.
Both units are in multiple context mode.
, where context is the name of the current context. You must enter a
Chapter 14
Configuring Failover
OL-10088-01
Advertisement
Table of Contents
Troubleshooting
