Example 15: Secondary Unit Configuration - Cisco PIX 500 Series Configuration Manual

Example 15: ASA 5505 Security Plus License with Failover and Dual-ISP Backup
frequency 5
sla monitor schedule 123 life forever start-time now
track 1 rtr 123 reachability
route outside 0 0 209.165.200.234 1 track 1
! This route is for the primary ISP.
route backup-isp 0 0 209.165.202.154 2
! If the link goes down for the primary ISP, either due to a hardware failure
! or unplugged cable, then this route will be used.
http server enable
http 192.168.1.0 255.255.255.0 inside
dhcpd address 192.168.1.2-192.168.1.254 inside
dhcpd auto_config outside
dhcpd enable inside
logging asdm informational
ssh 192.168.1.0 255.255.255.0 inside

Example 15: Secondary Unit Configuration

You only need to configure the secondary security appliance to recognize the failover link. The
secondary security appliance obtains the context configurations from the primary security appliance
upon booting or when failover is first enabled.
interface ethernet 0/4
switchport access vlan 5
no shutdown
failover
failover lan unit secondary
failover lan interface faillink vlan5
failover polltime unit 3 holdtime 10
failover key key1
failover interface ip faillink 10.1.1.1 255.255.255.0 standby 10.1.1.2
Cisco Security Appliance Command Line Configuration Guide
B-38
Appendix B Sample Configurations
OL-12172-03