EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #301 background imageLoading...
Page #301 background image
1-37
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Configuring ASA Clustering
What to Do Next
Configure the master unit bootstrap settings. See the “Configuring the Master Unit Bootstrap Settings”
section on page 1-37.
Configuring the Master Unit Bootstrap Settings
Each unit in the cluster requires a bootstrap configuration to join the cluster. Typically, the first unit you
configure to join the cluster will be the master unit. After you enable clustering, after an election period,
the cluster elects a master unit. With only one unit in the cluster initially, that unit will become the master
unit. Subsequent units that you add to the cluster will be slave units.
Prerequisites, page 1-38
Enabling the Cluster Control Link Interface, page 1-38
Configuring Basic Bootstrap Settings and Enabling Clustering, page 1-40
Configuring Advanced Clustering Settings, page 1-42
Examples, page 1-43
Transparent Mode:
bridge-group number
Example:
hostname(config-if)# bridge-group 1
Assigns the interface to a bridge group, where number is an
integer between 1 and 100. You can assign up to four interfaces to
a bridge group. You cannot assign the same interface to more than
one bridge group. Note that the BVI configuration includes the
IP address.
Step 12
security-level number
Example:
hostname(config-if)# security-level 50
Sets the security level, where number is an integer between 0
(lowest) and 100 (highest). See the “Security Levels” section on
page 1-1.
Step 13
mac-address mac_address
Example:
hostname(config-if)# mac-address
000C.F142.4CDE
You must configure a MAC address for a Spanned EtherChannel
so that the MAC address does not change when the current master
unit leaves the cluster; with a manually-configured MAC address,
the MAC address stays with the current master unit.
In multiple context mode, if you share an interface between
contexts, auto-generation of MAC addresses is enabled by
default, so you only need to set the MAC address manually for a
shared interface if you disable auto-generation. Note that you
must manually configure the MAC address for non-shared
interfaces.
The mac_address is in H.H.H format, where H is a 16-bit
hexadecimal digit. For example, the MAC address
00-0C-F1-42-4C-DE is entered as 000C.F142.4CDE.
The first two bytes of a manual MAC address cannot be A2 if you
also want to use auto-generated MAC addresses.
Command Purpose

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals