Cisco ASA 5505 Configuration Manual page 1213

Chapter 58 Using the High Availability and Scalability Wizard
The status of the adaptive security appliance appears during conversion to multiple context mode.
Security Context Configuration
The Security Context Configuration screen appears only for an Active/Active configuration, and lets you
assign security contexts to failover groups. It displays the name of currently configured security
contexts, lets you add new ones, and change or remove existing ones as needed. In addition, it displays
the failover group number to which the context is assigned and lets you change the failover group as
needed. Although you can create security contexts in this screen, you cannot assign interfaces to those
contexts or configure other properties for them. To configure context properties and assign interfaces to
a context, choose System > Security Contexts.
Failover Link Configuration
The Failover Link Configuration screen appears only if you are configuring LAN-based failover.
To configure LAN-based failover, perform the following steps:
Choose the LAN interface to use for failover communication from the drop-down list.
Step 1
Enter a name for the interface.
Step 2
Enter the IP address used for the failover link on the unit that has failover group 1 in the active state.
Step 3
This field accepts an IPv4 or IPv6 address.
Enter the IP address used for the failover link on the unit that has failover group 1 in the standby state.
Step 4
This field accepts an IPv4 or IPv6 address.
Enter or choose a subnet mask (IPv4 addresses or a prefix (IPv6 Addresses) for the Active IP and
Step 5
Standby IP addresses.
(For ASA 5505 only) Choose the switch port from the drop-down list, which includes the current VLAN
Step 6
assigned to each switch port and any name associated with the VLAN. Because a default VLAN exists
for every switch port, do not choose VLAN 1 for the inside port, because one less inside port will be
available for another use.
Note
(Optional) Enter the secret key used to encrypt failover communication. If you leave this field blank,
Step 7
failover communication, including any passwords or keys in the configuration that are sent during
command replication, will be in clear text.
State Link Configuration
Note The State Link Configuration screen does not appear on the ASA 5505.
OL-20339-01
To provide sufficient bandwidth for failover, do not use trunks or PoE for failover.
Configuring Failover with the High Availability and Scalability Wizard
Cisco ASA 5500 Series Configuration Guide using ASDM
58-7