Filter
Top Products
15-28
Cisco ASDM User Guide
OL-16647-01
Chapter 15 High Availability
Field Information for the Failover Panes
Failover > Criteria Tab
Use this tab to define criteria for failover, such as how many interfaces must fail and how long to wait
between polls. The hold time specifies the interval to wait without receiving a response to a poll before
unit failover.
Note If you are configuring Active/Active failover, you do not use this tab to define the interface policy;
instead, you define the interface policy for each failover group using the Failover > Active/Active Tab.
With Active/Active failover, the interface policy settings defined for each failover group override the
settings on this tab. If you disable Active/Active failover, then the settings on this tab are used.
Fields
• Interface Policy—Contains the fields for defining the policy for failover when monitoring detects
an interface failure.
–
Number of failed interfaces that triggers failover—When the number of failed monitored
interfaces exceeds the value you set with this command, then the security appliance fails over.
The range is between 1 and 250 failures.
–
Percentage of failed interfaces that triggers failover—When the number of failed monitored
interfaces exceeds the percentage you set with this command, then the security appliance fails
over.
• Failover Poll Times—Contains the fields for defining how often hello messages are sent on the
failover link, and, optionally, how long to wait before testing the peer for failure if no hello messages
are received.
–
Unit Failover—The amount of time between hello messages among units. The range is between
1 and 15 seconds or between 200 and 999 milliseconds.
–
Unit Hold Time—Sets the time during which a unit must receive a hello message on the failover
link, or else the unit begins the testing process for peer failure. The range is between 1and 45
seconds or between 800 and 999 milliseconds. You cannot enter a value that is less than 3 times
the polltime.
–
Monitored Interfaces—The amount of time between polls among interfaces. The range is
between 1and 15 seconds or 500 to 999 milliseconds.
–
Interface Hold Time—Sets the time during which a data interface must receive a hello message
on the data interface, after which the peer is declared failed. Valid values are from 5 to 75
seconds.
Modes
The following table shows the modes in which this feature is available:
For More Information
For more information about failover in general, see Understanding Failover.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• •—— •