57-6
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 57 Information About High Availability
Stateless (Regular) and Stateful Failover
Table 57-1 provides a comparison of some of the features supported by each type of failover
configuration:
Stateless (Regular) and Stateful Failover
The adaptive security appliance supports two types of failover, regular and stateful. This section includes
the following topics:
• Stateless (Regular) Failover, page 57-6
• Stateful Failover, page 57-6
Stateless (Regular) Failover
When a failover occurs, all active connections are dropped. Clients need to reestablish connections when
the new active unit takes over.
Note In Version 8.0 and later, some configuration elements for WebVPN (such as bookmarks and
customization) use the VPN failover subsystem, which is part of Stateful Failover. You must use Stateful
Failover to synchronize these elements between the members of the failover pair. Stateless (regular)
failover is not recommended for WebVPN.
Stateful Failover
When Stateful Failover is enabled, the active unit continually passes per-connection state information to
the standby unit. After a failover occurs, the same connection information is available at the new active
unit. Supported end-user applications are not required to reconnect to keep the same communication
session.
Table 57-1 Failover Configuration Feature Support
Feature Active/Active Active/Standby
Single Context Mode No Yes
Multiple Context Mode Yes Yes
Traffic Sharing Network Configurations Yes No
Unit Failover Yes Yes
Failover of Groups of Contexts Yes No
Failover of Individual Contexts No No
To Next Page
Loading...
Need help?
General
