Does Cisco ASA 5505 active/standby require standby ip address on all interfaces?

Posted on 2013-10-23
Medium Priority
Last Modified: 2013-10-23
We have a pair of ASA 5505 firewalls configured in active/standby mode, with five interfaces / vlans / subnets configured, some with private IP ranges, some public.  It all works.

Business requirements are dictating that we split some of our subnets into smaller pieces to isolate certain applications from others.  All the instructions I find re: active/standby configurations say to specify a standby IP address on all interfaces other than the failover link.

When dealing with, say, /28 subnets, chewing up two of the addresses for the firewalls can start being a significant percentage of the available addresses in that subnet.

Is it really necessary to add a standby IP address for all interfaces, or could we get by with doing so on just the interfaces through which we're likely to connect to the management interface?
Question by:TerryMott

Accepted Solution

tolinrome earned 2000 total points
ID: 39594512

Author Closing Comment

ID: 39595445
Great! Thanks.

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question