1-6
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Cluster of ASAs
Information About ASA Clustering
Interface Type Mode
You must choose the interface type (Spanned EtherChannel or Individual) before you configure your
devices. See the following guidelines for the interface type mode:
• You can always configure the management-only interface as an Individual interface (recommended),
even in Spanned EtherChannel mode. The management interface can be an Individual interface even
in transparent firewall mode.
• In Spanned EtherChannel mode, if you configure the management interface as an Individual
interface, you cannot enable dynamic routing for the management interface. You must use a static
route.
• In multiple context mode, you must choose one interface type for all contexts. For example, if you
have a mix of transparent and routed mode contexts, you must use Spanned EtherChannel mode for
all contexts because that is the only interface type allowed for transparent mode.
Cluster Control Link
Each unit must dedicate at least one hardware interface as the cluster control link.
• Cluster Control Link Traffic Overview, page 1-7
• Cluster Control Link Network, page 1-7
• Sizing the Cluster Control Link, page 1-7
• Cluster Control Link Redundancy, page 1-8
ASA1/Master
ASA2
ASA3
ASA4
inside ten0/8
10.1.1.1 (main)
10.1.1.2 (local)
inside ten0/8
10.1.1.3 (local)
inside ten0/8
10.1.1.4 (local)
inside ten0/8
10.1.1.5 (local)
ten0/9 outside
209.165.201.1 (main)
209.165.201.2 (local)
ten0/9 outside
209.165.201.3 (local)
ten0/9 outside
209.165.201.4 (local)
ten0/9 outside
209.165.201.5 (local)
ten0/0
Load Balancing:
PBR or ECMP
Load Balancing:
PBR or ECMP
ten0/1
ten0/2
ten0/3
ten0/0
ten0/1
ten0/2
ten0/3
Outside SwitchInside Switch
333359
To Next Page
Loading...
Need help?
General