ASA - High Availability
- dale warner
- Aug 22, 2024
- 1 min read
Some configuration examples related to Cisco ASA HA (Active/Passive and Active/Active)
Active/Passive Failover - Same Failover & State Link
PRIMARY UNIT
interface g0/4
no shut
!
failover lan unit primary
failover lan interface FAILOVER gig0/4
failover key CISCO1234
failover link FAILOVER gig0/4
failover interface ip FAILOVER 1.1.1.1 255.255.255.252 standby 1.1.1.2
failover
SECONDARY UNIT
failover lan unit secondary
failover lan interface FAILOVER gig0/4
failover key CISCO1234
failover link FAILOVER gig0/4
failover interface ip FAILOVER 1.1.1.1 255.255.255.252 1.1.1.2
failover
!
interface gig0/4
no shutActive/Passive Failover - Different Failover & State Links
PRIMARY UNIT
interface g0/4
no shut
interface g0/5
no shut
!
failover lan unit primary
failover lan interface FAILOVER gig0/4
failover key CISCO1234
failover link STATE gig0/5
failover interface ip FAILOVER 1.1.1.1 255.255.255.252 standby 1.1.1.2
failover interface ip STATE 1.1.1.5 255.255.255.252 standby 1.1.1.6
failover
SECONDARY UNIT
failover lan unit secondary
failover lan interface FAILOVER gig0/4
failover key CISCO1234
failover link STATE gig0/5
failover interface ip FAILOVER 1.1.1.1 255.255.255.252 standby 1.1.1.2
failover interface ip STATE 1.1.1.5 255.255.255.252 standby 1.1.1.6
failover
!
interface g0/4
no shut
interface g0/5
no shutActive/Active Failover
Should be used with Contexts. First setup Active/Passive failover then do the following
SECONDARY UNIT
no failover
PRIMARY UNIT
no failover
!
failover group 1
primary
preempt
!
failover group 2
secondary
preempt
!
!
context CONTEXT-A
join-failover-group 1
!
context CONTEXT-B
join-failover-group 2
!
failover