EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1240 background imageLoading...
Page #1240 background image
60-4
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 60 Configuring Active/Active Failover
Information About Active/Active Failover
Changes entered in the admin context are replicated from the unit on which failover group 1 is in
the active state to the unit on which failover group 1 is in the standby state.
Failure to enter the changes on the appropriate unit for command replication to occur causes the
configurations to be out of synchronization. Those changes may be lost the next time the initial
configuration synchronization occurs.
Table 60-1 lists the commands that are and are not replicated to the standby unit.
Replicated commands are not saved to the flash memory when replicated to the peer unit. They are added to the running
configuration.
Failover Triggers
In Active/Active failover, failover can be triggered at the unit level if one of the following events occurs:
The unit has a hardware failure.
The unit has a power failure.
The unit has a software failure.
You force a failover (see Forcing Failover, page 60-17).
Failover is triggered at the failover group level when one of the following events occurs:
Too many monitored interfaces in the group fail.
You force a failover (see Forcing Failover, page 60-17).
You configure the failover threshold for each failover group by specifying the number or percentage of
interfaces within the failover group that must fail before the group fails. Because a failover group can
contain multiple contexts, and each context can contain multiple interfaces, it is possible for all
interfaces in a single context to fail without causing the associated failover group to fail.
See the “Failover Health Monitoring” section on page 57-10 for more information about interface and
unit monitoring.
Table 60-1 Command Replication
Commands Replicated to the Standby Unit Commands Not Replicated to the Standby Unit
all configuration commands except for the mode,
firewall, and failover lan unit commands
all forms of the copy command except for copy
running-config startup-config
copy running-config startup-config all forms of the write command except for write
memory
delete debug
mkdir failover lan unit
rename firewall
rmdir mode
write memory show

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals