EasyManuals Logo
Home>Cisco>Firewall>FirePOWER ASA 5500 series

Cisco FirePOWER ASA 5500 series User Manual

Cisco FirePOWER ASA 5500 series
989 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #211 background imageLoading...
Page #211 background image
14-9
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 14 Configuring Failover
Understanding Failover
Active/Active Failover
This section describes Active/Active failover. This section includes the following topics:
• Active/Active Failover Overview, page 14-9
• Primary/Secondary Status and Active/Standby Status, page 14-10
• Device Initialization and Configuration Synchronization, page 14-11
• Command Replication, page 14-11
• Failover Triggers, page 14-12
• Failover Actions, page 14-13
Active/Active Failover Overview
Active/Active failover is only available to security appliances in multiple context mode. In an
Active/Active failover configuration, both security appliances can pass network traffic.
Table 14-1 Failover Behavior
Failure Event Policy Active Action Standby Action Notes
Active unit failed (power or
hardware)
Failover n/a Become active
Mark active as
failed
No hello messages are received on
any monitored interface or the
failover link.
Formerly active unit recovers No failover Become standby No action None.
Standby unit failed (power or
hardware)
No failover Mark standby as
failed
n/a When the standby unit is marked as
failed, then the active unit does not
attempt to fail over, even if the
interface failure threshold is
surpassed.
Failover link failed during
operation
No failover Mark failover
interface as failed
Mark failover
interface as failed
You should restore the failover link
as soon as possible because the
unit cannot fail over to the standby
unit while the failover link is down.
Failover link failed at startup No failover Mark failover
interface as failed
Become active If the failover link is down at
startup, both units become active.
Stateful Failover link failed No failover No action No action State information becomes out of
date, and sessions are terminated if
a failover occurs.
Interface failure on active unit
above threshold
Failover Mark active as
failed
Become active None.
Interface failure on standby
unit above threshold
No failover No action Mark standby as
failed
When the standby unit is marked as
failed, then the active unit does not
attempt to fail over even if the
interface failure threshold is
surpassed.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco FirePOWER ASA 5500 series and is the answer not in the manual?

Cisco FirePOWER ASA 5500 series Specifications

General IconGeneral
BrandCisco
ModelFirePOWER ASA 5500 series
CategoryFirewall
LanguageEnglish

Related product manuals