1-5
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Information About ASA Clustering
• Individual interfaces (Routed firewall mode only)
Individual interfaces are normal routed interfaces, each with their own Local IP address. Because
interface configuration must be configured only on the master unit, the interface configuration lets
you set a pool of IP addresses to be used for a given interface on the cluster members, including one
for the master. The Main cluster IP address is a fixed address for the cluster that always belongs to
the current master unit. The Main cluster IP address is a secondary IP address for the master unit;
the Local IP address is always the primary address for routing. The Main cluster IP address provides
consistent management access to an address; when a master unit changes, the Main cluster IP
address moves to the new master unit, so management of the cluster continues seamlessly. Load
balancing, however, must be configured separately on the upstream switch in this case. For
information about load balancing, see the “Load Balancing Methods” section on page 1-12.
Note We recommend Spanned EtherChannels instead of Individual interfaces because Individual
interfaces rely on routing protocols to load-balance traffic, and routing protocols often have
slow convergence during a link failure.
ASA1
ASA2
ASA3
ASA4
ten0/8
ten0/9
ten0/9
ten0/9
ten0/9
ten0/8
ten0/8
ten0/8
port-channel 5
port-channel 6
Inside
Spanned
port-channel 1
10.1.1.1
Outside
Spanned
port-channel 2
209.165.201.1
Outside SwitchInside Switch
333361
To Next Page
Loading...
Need help?
General
