Failover can be setup for two identical security appliances connected to each other.
The devices can be connected either through a dedicated failover link and optionally, a stateful failover link.
The Adaptive Security Appliance (ASA) supports two failover configurations:
- Active/Active failover
- Active/Standby failover
Active/Active failover Setup?With Active/Active failover, both units can pass network traffic. This allows you to configure load balancing on your network. Active/Active failover is only available on units that run in multiple context mode.
Refer to the Configuring Active/Active Failover section of Configuring Failover for more information and the step-by-step procedures to configure the Active/Active failover.
Active/Standby failover Setup?With Active/Standby failover, only one unit passes traffic while the other unit waits in a standby state. Active/Standby failover is available on units that run in either single or multiple context mode.
Refer to the Configuring Active/Standby Failover section of Configuring Failover for more information and the step-by-step procedures to configure the Active/Standby failover.
Refer to these documents for more information:
Note: If Advanced Inspection and Prevention Security Services Module (AIP-SSM) is used, it operates independently of the ASA in terms of failover. For failover, all that is needed from an ASA perspective is that the AIP modules be of the same hardware type. Beyond that, as with any other portion of failover, the configurations of the ASA between the active and standby must be in sync.
Tags:activation, asa, configuration, configure, connection, enable, multiple, network, networking, prevent, secure, Security, services, sync, traffic
you can also grab the RSS feed or Subscribe to Techgurulive by Email
