Filter
Top Products
15-15
Cisco ASDM User Guide
OL-16647-01
Chapter 15 High Availability
Field Information for the Failover Panes
Failover - Single Mode
The Failover pane contains the tabs where you can configure Active/Standby failover in single context
mode. For more information about failover, see Understanding Failover. For more information about
configuring the settings on each tab of the Failover pane, see the following information. Note that the
Interfaces tabs changes based on whether you are in routed firewall mode or transparent firewall mode.
• Failover: Setup
• Failover: Interfaces (Routed Firewall Mode)
• Failover: Interfaces (Transparent Firewall Mode)
• Failover: Criteria
• Failover: MAC Addresses
Failover: Setup
Use this tab to enable failover on the security appliance. You also designate the failover link and the state
link, if using Stateful Failover, on this tab.
For more information about configuring failover in general, see Understanding Failover.
Fields
• Enable Failover—Checking this check box enables failover and lets you configure a standby
security appliance.
Note The speed and duplex settings for the failover interface cannot be changed when Failover is
enabled. To change these settings for the failover interface, you must configure them in the
Configuration > Interfaces pane before enabling failover.
ASDM displays a dialog box asking if you want to configure the peer unit when you enable failover.
This dialog box also appears when the Preferred Role setting or, on the PIX security appliance
platform, the Enable LAN rather than serial cable failover setting changes.
–
Peer IP Address—Enter an IP address on the peer unit that ASDM can connect to. This field
appears on the Do you want to configure the failover peer firewall dialog box.
• Use 32 hexadecimal character key—Check this check box to enter a hexadecimal value for the
encryption key in the Shared Key box. Uncheck this check box to enter an alphanumeric shared
secret in the Shared Key box.
• Shared Key—Specifies the failover shared secret or key for encrypted and authenticated
communications between failover pairs.
If you checked the Use 32 hexadecimal character key check box, then enter a hexadecimal
encryption key. The key must be 32 hexadecimal characters (0-9, a-f).
If you unchecked the Use 32 hexadecimal character key check box, then enter an alphanumeric
shared secret. The shared secret can be from 1 to 63 characters. Valid character are any combination
of numbers, letters, or punctuation. The shared secret is used to generate the encryption key.
• Enable LAN rather than serial cable failover—(PIX security appliance platform only) Check this
check box to enable LAN Failover. Uncheck this check box to use the dedicated serial cable as the
failover link.
• LAN Failover—Contains the fields for configuring LAN Failover.