Cisco Systems ASA 5580 Network Router User Manual


Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 66 Configuring Active/Standby Failover
Both units must be in the same mode (single or multiple, transparent or routed).
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
For multiple context mode, perform all steps in the system execution space unless otherwise noted.
Firewall Mode Guidelines
Supported in transparent and routed firewall mode.
IPv6 Guidelines
IPv6 failover is supported.
Model Guidelines
Stateful failover is not supported on the ASA 5505.
Additional Guidelines and Limitations
Configuring port security on the switch(es) connected to an ASA failover pair can cause communication
problems when a failover event occurs. This is because if a secure MAC address configured or learned
on one secure port moves to another secure port, a violation is flagged by the switch port security feature.
ASA failover replication fails if you try to make a configuration change in two or more contexts at the
same time. The workaround is to make configuration changes on each unit sequentially.
The following guidelines and limitations apply for Active/Standby failover:
To receive packets from both units in a failover pair, standby IP addresses need to be configured on
all interfaces.
The standby IP addresses are used on the ASA that is currently the standby unit, and they must be
in the same subnet as the active IP address on the corresponding interface on the active unit.
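The standby-address guideline above can be checked offline against a saved configuration. The following Python script is an added example, not part of the Cisco manual; it assumes a text export that uses the CLI form `ip address <ip> <mask> standby <ip>` (IPv4 only), and the sample configuration and the function name are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in ASA CLI form (not from the manual): one correct interface,
# one with the standby address in another subnet, one with no standby address.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 ip address 192.0.2.1 255.255.255.0 standby 192.0.2.2
!
interface GigabitEthernet0/1
 nameif inside
 ip address 10.1.1.1 255.255.255.0 standby 10.1.2.2
!
interface GigabitEthernet0/2
 nameif dmz
 ip address 172.16.5.1 255.255.255.0
!
interface GigabitEthernet0/3
 shutdown
 no ip address
"""

ADDR = r"(\d+(?:\.\d+){3})"
IP_LINE = re.compile(rf"^\s+ip address {ADDR} {ADDR}(?: standby {ADDR})?\s*$")

def audit_standby_addresses(config_text):
    """Return (interface, problem) tuples for addressed interfaces that break the guideline."""
    findings = []
    interface = None
    for line in config_text.splitlines():
        if line.startswith("interface "):
            interface = line.split(None, 1)[1].strip()
            continue
        match = IP_LINE.match(line)
        if not (interface and match):
            continue  # unaddressed interfaces ("no ip address") are skipped
        active, mask, standby = match.groups()
        network = ipaddress.ip_network(f"{active}/{mask}", strict=False)
        if standby is None:
            findings.append((interface, "no standby IP address configured"))
        elif ipaddress.ip_address(standby) not in network:
            findings.append((interface, f"standby {standby} is outside {network}"))
    return findings

if __name__ == "__main__":
    for name, problem in audit_standby_addresses(SAMPLE_CONFIG):
        print(f"{name}: {problem}")
```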
If you change the console terminal pager settings on the active unit in a failover pair, the active
console terminal pager settings change, but the standby unit settings do not. A default configuration
issued on the active unit does affect behavior on the standby unit.
When you enable interface monitoring, you can monitor up to 250 interfaces on a unit.
By default, the ASA does not replicate HTTP session information when Stateful Failover is enabled.
Because HTTP sessions are typically short-lived, and because HTTP clients typically retry failed
connection attempts, not replicating HTTP sessions increases system performance without causing