Filter
Top Products
15-12
Cisco ASDM User Guide
OL-16647-01
Chapter 15 High Availability
Configuring Failover with the High Availability and Scalability Wizard
• Active IP—Double-click this field to edit or add an active IP address. Changes to this field also
appear in the Standby IP field for the corresponding interface on the peer unit.
• Standby IP—Double-click this field to edit or add a standby IP address. Changes to this field also
appear in the Active IP field for the corresponding interface on the peer unit.
• Is Monitored—Check this check box to enable health monitoring for that interface. Uncheck the
check box to disable the health monitoring. By default, health monitoring of physical interfaces is
enabled and health monitoring of virtual interfaces is disabled.
• ASR Group—Select the asynchronous group ID from the drop-down list. This setting is only
available for physical interface. For virtual interfaces this field displays “None”.
Modes
The following table shows the modes in which this feature is available:
VPN Cluster Load Balancing Configuration
If you have a remote-client configuration in which you are using two or more security appliances
connected to the same network to handle remote sessions, you can configure these devices to share their
session load. This feature is called load balancing. Load balancing directs session traffic to the least
loaded device, thus distributing the load among all devices. It makes efficient use of system resources
and provides increased performance anodize availability.
Use the VPN Cluster Load Balancing Configuration screen to set parameters necessary for this device
to participate in a load balancing cluster.
Note To use VPN load balancing, you must have an ASA Model 5510 with a Plus license or an ASA Model
5520 or 5540. VPN load balancing also requires an active 3DES/AES license. The security appliance
checks for the existence of this crypto license before enabling load balancing. If it does not detect an
active 3DES or AES license, the security appliance prevents the enabling of load balancing and also
prevents internal configuration of 3DES by the load balancing system unless the license permits this
usage.
Enabling load balancing involves:
• Configuring the load-balancing cluster by establishing a common virtual cluster IP address, UDP
port (if necessary), and IPSec shared secret for the cluster. These values are identical for every
device in the cluster.
• Configuring the participating device by enabling load balancing on the device and defining
device-specific properties. These values vary from device to device.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • •— •