RE: Default route in switch in a dual-ASA scenario....

Thanks !!

So the default route in Both switches should point to the physical IP of ASA 1
then?

Since HSRP is configured in the switches, I was assuming that both switches
would point their default route to the HSRP IP NOT the actual physical IP of
ASA 1 ??

If the ASA 1 box goes down, how will switch #1 start routing out to ASA 2 ?

If the default route pointed out to the HSRP IP, then I see no issue, but
since right now the default route is pointing out to ASA1 physical IP, how
would that work?

Please advise.

Thanks,

CN

> Date: Thu, 14 May 2009 23:45:10 +0300
> From: bogdan.sass_at_catc.ro
> To: cisconuts_at_hotmail.com
> CC: ccielab_at_groupstudy.com
> Subject: Re: Default route in switch in a dual-ASA scenario....
>
> Cisco Nuts wrote:
> > Hi:
> >
> > If we have 2 ASA's configured for failover connected to 2 switches, is
there a
> > reason why the default route in both switches point to the physical
address of
> > the primary asa.
> >
> > If the primary asa to switch ip's are .1 and .2 and secondary asa to
switch #2
> > ip's are .3 and .4 and the hsrp active is .100, shouldn't the default
route in
> > both switches point to the .100?
> >
> As far as I know, there is no support for HSRP on the ASA.
> > What is different in asa compared to regular routers?
> >
> On two ASAs configured for failover, when the primary fails, the
> secondary unit will assume the primary's IP address. So your
> configuration is correct.
>
>
> --
> Bogdan Sass
> CCAI,CCSP,JNCIA-ER,CCIE #22221 (RS)
> Information Systems Security Professional
> "Curiosity was framed - ignorance killed the cat"
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
Received on Fri May 15 2009 - 12:39:53 ART