- Configuration
ciscoasa(config)# interface redundant 1
Interface number can be from 1 to 8
ciscoasa(config-if)# member-interface Ethernet 0/0
INFO: security-level and IP address are cleared on Ethernet0/0.
We added Ethernet0/0 as a member interface of Interface Redundant 1
ciscoasa(config-if)# member-interface Ethernet 0/1
INFO: security-level and IP address are cleared on Ethernet0/1.
We added Ethernet0/1 as a member interface of Interface Redundant 1
- Choose which interface is active
By default active interface is first on the list, also mac address is from first interface is used.
In case of failover mac addressed is used by second interface.It is possible to configure different mac-address for redundant interface but I think in 99% of cases it is useless.
(config)# show interface redundant 1 detail
If you wish to change active member to Ethernet0/1 type command:
# redundant-interface Redundant 1 active-member ethernet 0/1
In this articles I will use Ethernet0/0 as a active interface
- Configure network settings
ciscoasa(config-if)# ip add
ciscoasa(config-if)# ip address x1.223.184.147 255.255.255.240
ciscoasa(config-if)# no shu
ciscoasa(config-if)# nameif outside
INFO: Security level for “outside” set to 0 by default.
ciscoasa(config-if)# exit
- Enable physical interfaces(members of Redundant interface)
ciscoasa(config)# interface ethernet 0/0
ciscoasa(config-if)# no shut
ciscoasa(config-if)# exit
ciscoasa(config)# interface ethernet 0/1
ciscoasa(config-if)# no shut
ciscoasa(config-if)# exit
- Configure routing/gateway if needed.
- Display stats for redundant interface and configuration
ciscoasa(config)# ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/28/30 ms
dzbanek 2013-05-17