Solved

Does Cisco ASA 5505 active/standby require standby ip address on all interfaces?

Posted on 2013-10-23
2
576 Views
Last Modified: 2013-10-23
We have a pair of ASA 5505 firewalls configured in active/standby mode, with five interfaces / vlans / subnets configured, some with private IP ranges, some public.  It all works.

Business requirements are dictating that we split some of our subnets into smaller pieces to isolate certain applications from others.  All the instructions I find re: active/standby configurations say to specify a standby IP address on all interfaces other than the failover link.

When dealing with, say, /28 subnets, chewing up two of the addresses for the firewalls can start being a significant percentage of the available addresses in that subnet.

Is it really necessary to add a standby IP address for all interfaces, or could we get by with doing so on just the interfaces through which we're likely to connect to the management interface?
0
Comment
Question by:TerryMott
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
tolinrome earned 500 total points
ID: 39594512
0
 

Author Closing Comment

by:TerryMott
ID: 39595445
Great! Thanks.
0

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question