Recently taken over an ASA pair running active/standby. I did a failover test but noticed that the primary IP did not follow to the secondary unit when i failed over from the primary.
Primary IP - x.53
Secondary IP - x.54
When i failed over to secondary, i thought the x.53 IP should have followed it over? instead i had to access them via .54
Am i missing something or just being silly?
If i run the following on the primary unit:
#failover exec standby show interface
then the management interface on the standby unit shows:
Interface Management1/1 "MGMT", is down, line protocol is down
EDIT:
Think ive found the reason:
Management Port Configuration Changes
The ASA 5500-X Series introduced a shared management port for firewall and IPS services.,There are certain caveats to follow during migration from the ASA 5500 Series.
• The shared management port cannot be used as a data port. All through-the-box traffic arriving at the management port will be dropped implicitly. This cannot be disabled.
• The shared management port cannot be used as a part of a high availability configuration.
No comments:
Post a Comment