?
Solved

VSS with ASA  Firewall connectivity

Posted on 2014-08-14
5
Medium Priority
?
1,101 Views
Last Modified: 2014-08-27
Hi ,

I have a Cisco 6500 VSS pair and Cisco ASA 5525-X firewall.

What design will be good at Firewall side :

Active /Active or Active Standby?

1. If any thing of the above what would be UP link connectivity?
2.Will you pls share the configuration at Firewall?
3.Do you have refference material on the above scenario?

Regards
Ram
0
Comment
Question by:RAMU CH
5 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 40262373
Since you have exactly ONE firewall it will be STANDALONE.
0
 
LVL 1

Author Comment

by:RAMU CH
ID: 40262521
we have two simillar type of firewallsi.e ASA 5525-X firewall
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 2000 total points
ID: 40263357
There are several limitations to active active ASA configuration such as no support for dynamic routing protocols or VPN. I would do an active passive ASA with stateful failover. The article below shows how to do active active and the limitations. It also links to the active passive configuration article.


http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91336-pix-activeactive-config.html
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40264412
I agree, HA ASA config would be a good solution.
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 40288163
Thanks
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month16 days, 13 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question