Manualsbrain.com
  1. Manuali
  2. Marche
  3. Cisco
  4. Cisco IPS 4520 Sensor
  5. Libro bianco

Cisco Cisco IPS 4520 Sensor Libro bianco

Scarica
Pagina di 79
14
Firewall
August 2012 Series
14
Step 3:  
Configure the failover interface.
failover lan interface failover GigabitEthernet
0/2
failover key 
FailoverKey
failover replication http
failover link failover
 
GigabitEthernet
0/2
Step 4:  
To minimize the downtime experienced during failover, tune the 
failover poll timers.
failover polltime unit msec 200 holdtime msec 800 
failover polltime interface msec 500 holdtime 5
Step 5:  
Configure the failover interface IP address.
failover interface ip failover 
10.4.24.33 255.255.255.248
 
standby 
10.4.24.34
Step 6:  
Enable the failover interface.
interface GigabitEthernet
0/2
 no shutdown
Step 7:  
Configure the standby IP address and monitoring of the inside 
interface.
interface GigabitEthernet
0/0.300
 ip address 
10.4.24.30 255.255.255.224
 standby 
10.4.24.29
monitor-interface inside
Procedure 2 
Configuring standby firewall for resilience
Step 1:  
On the secondary Cisco ASA, enable failover.
failover 
Step 2:  
Configure the Cisco ASA as the secondary appliance of the high 
availability pair.
failover lan unit secondary
Step 3:  
Configure the failover interface.
failover lan interface failover GigabitEthernet
0/2
failover key 
FailoverKey
failover replication http
failover link failover
 
GigabitEthernet
0/2
Step 4:  
To minimize the downtime experienced during failover, tune the 
failover poll timers.
failover polltime unit msec 200 holdtime msec 800 
failover polltime interface msec 500 holdtime 5
Step 5:  
Configure the failover interface IP address.
failover interface ip failover 
10.4.24.33 255.255.255.248
 
standby 
10.4.24.34
Step 6:  
Enable the failover interface.
interface GigabitEthernet
0/2
 no shutdown
Step 7:  
To verify standby synchronization between the Cisco ASA devices, 
on the command-line interface of the primary appliance, issue the 
show
failover state
command.
IE-ASA5545# show failover state
               State       Last Failure Reason      Date/Time
This host  -   Primary
               Active         None
Other host -   Secondary
               Standby Ready  None
====Configuration State===
        Sync Done
====Communication State===
        Mac set