Cisco ASA 5505 Configuration Manual page 1243

Asa 5500 series

Hide thumbs Also See for ASA 5505:

Getting started manual (168 pages)

Administrator's manual (118 pages)

Hardware installation manual (82 pages)

Table of Contents

Configuring Active/Active Failover

Guidelines and Limitations

This section includes the guidelines and limitations for this feature.

Context Mode Guidelines

Supported in multiple context mode only.

Firewall Mode Guidelines

Supported only in routed and transparent firewall mode.

IPv6 Guidelines

IPv6 failover is supported.

Model Guidelines

Active/Active failover is not available on the Cisco ASA 5505 adaptive security appliance.

Additional Guidelines and Limitations

The following features are not supported for Active/Active failover:

To receive packets from both units in a failover pair, standby IP addresses need to be configured on

all interfaces.

The standby IP address is used on the security appliance that is currently the standby unit, and it

must be in the same subnet as the active IP address.

You can define a maximum number of two failover groups.

Failover groups can only be added to the system context of devices that are configured for multiple

context mode.

You can create and remove failover groups only when failover is disabled.

Entering the failover group command puts you in the failover group command mode. The primary,

secondary, preempt, replication http, interface-policy, mac address, and polltime interface

commands are available in the failover group configuration mode. Use the exit command to return

to global configuration mode.

The failover polltime interface, failover interface-policy, failover replication http, and failover MAC

address commands have no effect on Active/Active failover configurations. They are overridden by

the following failover group configuration mode commands: polltime interface, interface-policy,

replication http, and mac address.

When removing failover groups, you must remove failover group 1 last. Failover group1 always

contains the admin context. Any context not assigned to a failover group defaults to failover group 1.

You cannot remove a failover group that has contexts explicitly assigned to it.

VPN failover is unavailable. (It is available in Active/Standby failover configurations only.)

Cisco ASA 5500 Series Configuration Guide using ASDM

Guidelines and Limitations

Show Quick Links

Chapters

Table of Contents

Asa 5510 Asa 5540 Asa 5520 Asa 5550 Asa 5580

Cisco ASA 5505 Configuration Manual page 1243

Hide quick links:

Chapters

Related Manuals for Cisco ASA 5505

Related Products for Cisco ASA 5505

This manual is also suitable for:

Table of Contents