Filter
Top Products
15-26
Cisco ASDM User Guide
OL-16647-01
Chapter 15 High Availability
Field Information for the Failover Panes
Failover-Multiple Mode, System
This pane includes tabs for configuring the system-level failover settings in the system context of a
security appliance in multiple context mode. In multiple mode, you can configure Active/Standby or
Active/Active failover. Active/Active failover is automatically enabled when you create failover groups
in the device manager. For both types of failover, you need to provide system-level failover settings in
the system context, and context-level failover settings in the individual security contexts. For more
information about configuring failover in general, see Understanding Failover.
Seethe following topics for more information:
• Failover > Setup Tab
• Failover > Criteria Tab
• Failover > Active/Active Tab
• Failover > MAC Addresses Tab
Failover > Setup Tab
Use this tab to enable failover on a security appliance in multiple context mode. You also designate the
failover link and the state link, if using Stateful Failover, on this tab.
Fields
• Enable Failover—Checking this check box enables failover and lets you configure a standby
security appliance.
Note The speed and duplex settings for an interface cannot be changed when Failover is enabled. To
change these settings for the failover interface, you must configure them in the Configuration >
Interfaces pane before enabling failover.
• Use 32 hexadecimal character key—Check this check box to enter a hexadecimal value for the
encryption key in the Shared Key field. Uncheck this check box to enter an alphanumeric shared
secret in the Shared Key field.
• Shared Key—Specifies the failover shared secret or key for encrypted and authenticated
communications between failover pairs.
If you checked the Use 32 hexadecimal character key check box, then enter a hexadecimal
encryption key. The key must be 32 hexadecimal characters (0-9, a-f).
If you cleared the Use 32 hexadecimal character key check box, then enter an alphanumeric shared
secret. The shared secret can be from 1 to 63 characters. Valid character are any combination of
numbers, letters, or punctuation. The shared secret is used to generate the encryption key.
• Enable LAN rather than serial cable failover—(PIX security appliance platform only) Check this
check box to enable LAN failover. Uncheck this check box to use the dedicated serial link as the
failover link.
• LAN Failover—Contains the fields for configuring LAN Failover.
–
Interface—Specifies the interface used for failover communication. Failover requires a
dedicated interface, however, you can use the same interface for Stateful Failover.