ASA1 Configuration
S1: Configure the interfaces as shown in the topology.
ASA1(config)# interface g0/1
ASA1(config-if)# nameif Inside
ASA1(config-if)# Security-level 100
ASA1(config-if)# ip address 192.168.1.1 255.255.255.0 standby 192.168.1.2
ASA1(config-if)#exit
ASA1(config)# interface g0/2
ASA1(config-if)# nameif Outside
ASA1(config-if)# Security-level 0
ASA1(config-if)# ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2
ASA1(config-if)#exit
2) Configure Active/standby Failover on ASA1 and make ASA1 as Active ASA.
ASA1(config)# Failover lan unit primary
3) Make G0/0 on ASA1 as Failover Interface between ASA1 and ASA2.
ASA1(config)# failover lan interface Failover G0/0
Note: Failover is the name given to G0/0 interface, it is similar to Inside and Outside which is given to G0/1 and G0/2
4) Configure IP Address on Failover Interface Ip Address.
ASA1(config)# failover interface ip Failover 10.0.0.1 255.255.255.0 standby 10.0.0.2
5) Configure encryption for failover communication between ASA1 and ASA2
ASA1(config)# failover key Cisco123
6) Implement stateful failover on G0/0 of ASA1.
ASA1(config)# failover link Failover
7) Implement Failover
ASA1(config)# Failover
ASA2 Configuration
ASA2(config)# failover lan unit secondary
ASA2(config)# failover lan interface Failover G0/0
ASA2(config)# failover interface ip Failover 10.0.0.1 255.255.255.0 standby 10.0.0.2
ASA2(config)# failover key Cisco123
ASA2(config)# failover link Failover
ASA2config)# failover
Verification # show failover
S1: Configure the interfaces as shown in the topology.
ASA1(config)# interface g0/1
ASA1(config-if)# nameif Inside
ASA1(config-if)# Security-level 100
ASA1(config-if)# ip address 192.168.1.1 255.255.255.0 standby 192.168.1.2
ASA1(config-if)#exit
ASA1(config)# interface g0/2
ASA1(config-if)# nameif Outside
ASA1(config-if)# Security-level 0
ASA1(config-if)# ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2
ASA1(config-if)#exit
2) Configure Active/standby Failover on ASA1 and make ASA1 as Active ASA.
ASA1(config)# Failover lan unit primary
3) Make G0/0 on ASA1 as Failover Interface between ASA1 and ASA2.
ASA1(config)# failover lan interface Failover G0/0
Note: Failover is the name given to G0/0 interface, it is similar to Inside and Outside which is given to G0/1 and G0/2
4) Configure IP Address on Failover Interface Ip Address.
ASA1(config)# failover interface ip Failover 10.0.0.1 255.255.255.0 standby 10.0.0.2
5) Configure encryption for failover communication between ASA1 and ASA2
ASA1(config)# failover key Cisco123
6) Implement stateful failover on G0/0 of ASA1.
ASA1(config)# failover link Failover
7) Implement Failover
ASA1(config)# Failover
ASA2 Configuration
ASA2(config)# failover lan unit secondary
ASA2(config)# failover lan interface Failover G0/0
ASA2(config)# failover interface ip Failover 10.0.0.1 255.255.255.0 standby 10.0.0.2
ASA2(config)# failover key Cisco123
ASA2(config)# failover link Failover
ASA2config)# failover
Verification # show failover
in packet trace how can us configure the asa firewall active/standby because i tried but the configuring doesn't found
ReplyDeletepacket tracer doesnt support, you have to used gns3 or eve-ng because they running real ios
Delete