Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Failover configuration, to another ASA

Status
Not open for further replies.
forrie

forrie

MIS
Mar 6, 2009
91
US
We are building a remote mirror of our internal services, including a NAS (Solaris/ZFS) which will need to serve as a full failover in case of disaster.

We have new Cisco ASAs and I wonder if there is a clever way to facilitate failover to the backup ASA in case the primary goes off the air. (as I'm still learning the ASA platform).


Thanks.
 
Sort by date Sort by votes
This may be more complex than I anticipated. We have day-to-day data that we will need to replicate (a separate issue) -- in case of an emergency, we would like the remote ASA to take over our production (ie: replace its IP and allow us to continue).

I'm not sure a fully automated function would be what we need -- honestly, it's not something I've done before.

We're looking into EMC stuff for data replication.

Thanks.
 
Upvote 0 Downvote
i don't believe what you are looking at is feasible with . your other site needs to be on a completely different subnet otherwise you will have routing issues (that is unless you have something like MetroE or some other WAN service that will let you extend your LAN). the biggest thing you're going to worry about is updating your DNS to reflect the fail over. do you have resources that external people will need access to also (i.e. web, ftp, etc)?? are you going to employ something like VMware SRM to assist in your DR??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
The other site is on a completely different network.

The configuration would sit beside a Cisco ASA that is identical to what we have.

Good question about VMWare, I'm not totally sure - we are just getting our feet wet with VMWare, and we're probably going to pull in a consultant to help us design and do some technical Q&A.

But for the most part, our systems that encode video (hardware dependency) or anything that is disk I/O related, I would not place under VMWare.

DNS is managed centrally, so yes there would be a slight delay there -- we'd have to discuss a plan-of-action with them.

I manage the DNS that is behind the ASA, though.

Thanks for you assistance etc.



 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
665
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
580
intel233
intel233
gkreg
  • Locked
  • Question
asa 5500-x url filtering
Replies
0
Views
438
gkreg
gkreg
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
624
intel233
intel233
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
582
Johnkite
Johnkite

Part and Inventory Search

Sponsor

Back
Top