1-4
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Information About ASA Clustering
Note If multiple units tie for the highest priority, the cluster unit name and then the serial number
is used to determine the master.
4. If a unit later joins the cluster with a higher priority, it does not automatically become the master
unit; the existing master unit always remains as the master unless it stops responding, at which point
a new master unit is elected.
Note You can manually force a unit to become the master. For centralized features, if you force a master unit
change, then all connections are dropped, and you have to re-establish the connections on the new master
unit. See the “Centralized Features” section on page 1-18 for a list of centralized features.
ASA Cluster Interfaces
You can configure data interfaces as either Spanned EtherChannels or as Individual interfaces. All data
interfaces in the cluster must be one type only.
• Interface Types, page 1-4
• Interface Type Mode, page 1-6
Interface Types
• Spanned EtherChannel (Recommended)
You can group one or more interfaces per unit into an EtherChannel that spans all units in the cluster.
The EtherChannel aggregates the traffic across all the available active interfaces in the channel. A
Spanned EtherChannel can be configured in both routed and transparent firewall modes. In routed
mode, the EtherChannel is configured as a routed interface with a single IP address. In transparent
mode, the IP address is assigned to the bridge group, not to the interface. The EtherChannel
inherently provides load balancing as part of basic operation. See also the “Spanned EtherChannel
(Recommended)” section on page 1-12.
To Next Page
Loading...
Need help?
General
