Cisco ASA Series Cli Configuration Manual page 325
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Configuring a Cluster of ASAs
Traffic Segregation
Switch
You may prefer physical separation of traffic between the inside and outside network.
As shown in the diagram above, there is one Spanned EtherChannel on the left side that connects to the
inside switch, and the other on the right side to outside switch. You can also create VLAN subinterfaces
on each EtherChannel if desired.
Interface Mode on Each Unit
cluster interface-mode spanned force
ASA1 Master Bootstrap Configuration
interface tengigabitethernet 0/6
interface tengigabitethernet 0/7
interface port-channel 1
cluster group cluster1
Cluster Control Link
192.168.1.1, .2, and .3
2001:DB8::1002/64 (Pool: 8 IPs)
channel-group 1 mode on
no shutdown
channel-group 1 mode on
no shutdown
description CCL
local-unit asa1
cluster-interface port-channel1 ip 192.168.1.1 255.255.255.0
priority 1
key chuntheunavoidable
enable noconfirm
port-ch1
ASA1
ten0/6
ten0/7
ten0/8
ten0/9
man0/0
ASA2
ten0/6
ten0/7
ten0/8
ten0/9
man0/0
ASA3
ten0/6
ten0/7
ten0/8
ten0/9
man0/0
management
10.1.1.1 (Pool: .2-.9),
Cisco ASA Series CLI Configuration Guide
Configuration Examples for ASA Clustering
Switch
1-61
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
