Configuring Lan-Based Active/Standby Failover - Cisco PIX 500 Series Configuration Manual

Security appliance command line

Hide thumbs Also See for PIX 500 Series:

Administration manual (653 pages)

Quick start manual (72 pages)

User manual (60 pages)

Table of Contents

Configuring Failover

Enable failover:

hostname(config)# failover

Power on the secondary unit and enable failover on the unit if it is not already enabled:

hostname(config)# failover

The active unit sends the configuration in running memory to the standby unit. As the configuration

synchronizes, the messages "Beginning configuration replication: sending to mate." and "End

Configuration Replication to mate" appear on the primary console.

Save the configuration to Flash memory on the primary unit. Because the commands entered on the

primary unit are replicated to the secondary unit, the secondary unit also saves its configuration to Flash

hostname(config)# copy running-config startup-config

Configuring LAN-Based Active/Standby Failover

This section describes how to configure Active/Standby failover using an Ethernet failover link. When

configuring LAN-based failover, you must bootstrap the secondary device to recognize the failover link

before the secondary device can obtain the running configuration from the primary device.

Stateful Failover is not available on the ASA 5505 adaptive security appliance.

Specify the interface to be used as the Stateful Failover link:

hostname(config)# failover link if_name phy_if

The if_name argument assigns a logical name to the interface specified by the phy_if argument. The

phy_if argument can be the physical port name, such as Ethernet1, or a previously created

subinterface, such as Ethernet0/2.3. This interface should not be used for any other purpose.

Assign an active and standby IP address to the Stateful Failover link:

hostname(config)# failover interface ip if_name ip_addr mask standby ip_addr

If the Stateful Failover link uses a data interface, skip this step. You have already defined the

active and standby IP addresses for the interface.

The standby IP address must be in the same subnet as the active IP address. You do not need to

identify the standby IP address subnet mask.

The Stateful Failover link IP address and MAC address do not change at failover unless it uses a data

interface. The active IP address always stays with the primary unit, while the standby IP address

stays with the secondary unit.

Enable the interface:

hostname(config)# interface phy_if

hostname(config-if)# no shutdown

Cisco Security Appliance Command Line Configuration Guide

Configuring Failover

Troubleshooting

Asa 5500 series

Configuring Lan-Based Active/Standby Failover - Cisco PIX 500 Series Configuration Manual

Configuring LAN-Based Active/Standby Failover

Troubleshooting

Related Manuals for Cisco PIX 500 Series

Related Content for Cisco PIX 500 Series

This manual is also suitable for:

Table of Contents