Filter
Top Products
15-32
Cisco ASDM User Guide
OL-16647-01
Chapter 15 High Availability
Field Information for the Failover Panes
–
Active Interface—Specifies the MAC address for the interface and failover group on the unit
where the failover group is active. Each interface may have up to two MAC addresses, one for
each failover group, which override the physical MAC address. Enter the MAC address in
hexadecimal format (for example, 0123.4567.89AB).
–
Standby Interface—Specifies the MAC address for the interface and failover group on the unit
where the failover group is in the standby state. Each interface may have up to two MAC
addresses, one for each failover group, which override the physical MAC address. Enter the
MAC address in hexadecimal format (for example, 0123.4567.89AB).
Modes
The following table shows the modes in which this feature is available:
For More Information
For more information about failover in general, see Understanding Failover.
Failover > MAC Addresses Tab
The MAC Addresses tab lets you configure the virtual MAC addresses for the interfaces in an
Active/Standby failover pair.
In Active/Standby failover, the MAC addresses for the primary unit are always associated with the active
IP addresses. If the secondary unit boots first and becomes active, it uses the burned-in MAC address for
its interfaces. When the primary unit comes online, the secondary unit obtains the MAC addresses from
the primary unit. The change can disrupt network traffic.
You can configure virtual MAC addresses for each interface to ensure that the secondary unit uses the
correct MAC addresses when it is the active unit, even if it comes online before the primary unit. If you
do not specify virtual MAC addresses, then the failover pair uses the burned-in NIC address as the MAC
address.
Note You cannot configure a virtual MAC address for the failover or state links. The MAC and IP addresses
for those links do not change during failover.
In Active/Active failover, the MAC addresses configured on this tab are not in effect. Instead, the MAC
addresses defined in the failover groups are used.
Fields
• MAC Addresses—Lists physical interfaces on the security appliance for which an active and
standby virtual MAC address has been configured.
–
Physical Interface—Identifies the physical interface for which failover virtual MAC addresses
are configured.
–
Active MAC Address—Identifies the MAC address on the active security appliance (usually
primary).
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• •—— •