EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #307 background imageLoading...
Page #307 background image
1-43
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Configuring ASA Clustering
What to Do Next
Add slave units. See the “Configuring Slave Unit Bootstrap Settings” section on page 1-43.
Examples
The following example configures a management interface, configures a device-local EtherChannel for
the cluster control link, and then enables clustering for the ASA called “unit1,” which will become the
master unit because it is added to the cluster first:
ip local pool mgmt 10.1.1.2-10.1.1.9
ipv6 local pool mgmtipv6 2001:DB8::1002/32 8
interface management 0/0
nameif management
ip address 10.1.1.1 255.255.255.0 cluster-pool mgmt
ipv6 address 2001:DB8::1001/32 cluster-pool mgmtipv6
security-level 100
management-only
no shutdown
interface tengigabitethernet 0/6
channel-group 1 mode on
no shutdown
interface tengigabitethernet 0/7
channel-group 1 mode on
no shutdown
cluster group pod1
local-unit unit1
cluster-interface port-channel1 ip 192.168.1.1 255.255.255.0
priority 1
key chuntheunavoidable
enable noconfirm
Configuring Slave Unit Bootstrap Settings
Perform the following procedures to configure the slave units.
Step 2
conn-rebalance [frequency seconds]
Example:
hostname(cfg-cluster)# conn-rebalance
frequency 60
Enables connection rebalancing for TCP traffic. This command is
disabled by default. If enabled, ASAs exchange load information
periodically, and offload new connections from more loaded
devices to less loaded devices. The frequency, between 1 and 360
seconds, specifies how often the load information is exchanged.
The default is 5 seconds.
Step 3
console-replicate
Example:
hostname(cfg-cluster)# console-replicate
Enables console replication from slave units to the master unit.
This feature is disabled by default. The ASA prints out some
messages directly to the console for certain critical events. If you
enable console replication, slave units send the console messages
to the master unit so you only need to monitor one console port
for the cluster.
Command Purpose

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals