The issue I have now, other than the hunt for a stable L2 image is the connection between the 元 switch and the ASA. The image however keeps popping up segmentation faults (segfault) and the devices either stop working or shutdown. In a failure, the remaining active unit seamlessly. This configuration is ideal for environments with high traffic volume and resource-intensive applications. Active/Active failover allows both ASA units to process traffic simultaneously, distributing the load and maximizing resource utilization. By default, the burned-in MAC address of the ASA that you designate as the primary FW in the failover pair corresponds to the active IP address of the given. Section 3: Active/Active Failover Configuration. Vlan 10 and 11 can reach other other including the other vlans, 15 and 17. The first part of your post is correct, both units need to have the failover command however, the ASA will NOT assign virtual MAC addresses in single context mode. I've since replaced it with 'i86bi_linux_l2-adventerprisek9-ms' and inter-VLAN routing is working just fine. It seems the issue was/is with the IOU image, 'i86bi-linux-l2-adventerprisek9-15.2d'. I have attached a screenshot of the topology for reference. I cannot for the life of me figure out where I have messed up. Subsequently, vlan routing now seems to be messed with the hosts only being able to ping the vlan interface of their respective vlan on Switch 1, Nothing else. The switches and ASAs can ping each other with no problem. I have connected the two switches to two ASA in a failover active/standby scenario, with the ASA inside interfaces being on the same vlan 20 the switches are in. I have provided for the standby IPs as gateway for the vlans in the DHCP pools. They are configured for redundancy using hsrp with Switch 1 being the Primary and 2 the secondary. The switches are using vlan 20 for their connectivity. Refer to PIX/ASA 7. Switch 1 is providing inter-vlan routing for 4 vlans (Vlan 10, 11, 15 and 17). This document focuses on how to configure an Active/Active Failover in Cisco PIX/ASA Security Appliance. I have two 元 Switches connected via a lacp etherchannel link. ASA-A failover failover lan unit primary failover lan interface LFI Ethernet2 failover link LFI Ethernet2 failover interface ip LFI 1.1.1.1 255.255.255.0 standby 1.1.1.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |