论坛 › Cisco › Cisco ASA5520 Failover配置

waid 发表于 2018-7-16 06:00:24

Cisco ASA5520 Failover配置

　　ASA5520-1：
　　ciscoasa> en
　　Password:
　　ciscoasa# conf t
　　ciscoasa(config)# hostname ASA5520
　　ASA5520(config)# int g0/0
　　ASA5520(config-if)# nameif outside
　　INFO: Security level for "outside" set to 0 by default.
　　ASA5520(config-if)# no shut
　　ASA5520(config-if)# ip add 100.1.1.1 255.255.255.0
　　ASA5520(config-if)# int g0/1
　　ASA5520(config-if)# nameif inside
　　INFO: Security level for "inside" set to 100 by default.
　　ASA5520(config-if)# no shut
　　ASA5520(config-if)# ip add 192.168.0.1 255.255.255.0
　　ASA5520(config-if)# interface Management0/0
　　ASA5520(config-if)# no shut
　　ASA5520(config-if)# exit
　　ASA5520(config)# failover lan unit primary
　　ASA5520(config)# failover lan interface failover Management0/0
　　INFO: Non-failover interface config is cleared on Management0/0 and its sub-interfaces
　　ASA5520(config)# failover interface ip failover 1.1.1.1 255.255.255.0 standby 1.1.1.2
　　ASA5520(config)# failover
　　ASA5520(config)# write memory
　　Building configuration…
　　Cryptochecksum: b6bb8357 a400eae0 d063037d 1ef88a95
　　1893 bytes copied in 3.520 secs (631 bytes/sec)
　　
　　ASA5520(config)#
　　ASA5520-2：
　　ciscoasa> en
　　Password:
　　ciscoasa# conf t
　　ciscoasa(config)# interface Management0/0
　　ciscoasa(config-if)# no shut
　　ciscoasa(config-if)# exit
　　ciscoasa(config)# failover lan unit secondary
　　ciscoasa(config)# failover lan interface failover Management0/0
　　INFO: Non-failover interface config is cleared on Management0/0 and its sub-interfaces
　　ciscoasa(config)# failover interface ip failover 1.1.1.1 255.255.255.0 standby 1.1.1.2
　　ciscoasa(config)# failover
　　ciscoasa(config)# .
　　Detected an Active mate
　　Beginning configuration replication from mate.
　　ASA5520(config)# End configuration replication from mate.
　　ASA5520(config)#
　　ASA5520(config)# show failover
　　Failover On
　　Failover unit Secondary
　　Failover LAN Interface: failover Management0/0 (up)
　　Unit Poll frequency 1 seconds, holdtime 15 seconds
　　Interface Poll frequency 15 seconds
　　Interface Policy 1
　　Monitored Interfaces 2 of 250 maximum
　　Version: Ours 7.0(8), Mate 7.0(8)
　　Last Failover at: 09:22:55 UTC Sep 7 2009
　　This host: Secondary – Standby Ready
　　Active time: 0 (sec)
　　slot 0: ASA5520 hw/sw rev (2.0/7.0(8)) status (Up Sys)
　　slot 1: empty
　　Interface outside (0.0.0.0): Normal (Waiting)
　　Interface inside (0.0.0.0): Normal (Waiting)
　　Other host: Primary – Active
　　Active time: 1477 (sec)
　　slot 0: ASA5520 hw/sw rev (2.0/7.0(8)) status (Up Sys)
　　slot 1: empty
　　Interface outside (100.1.1.1): Normal (Waiting)
　　Interface inside (192.168.0.1): Normal (Waiting)
　　Stateful Failover Logical Update Statistics
　　Link : Unconfigured.
　　ASA5520(config)#
　　当关闭ASA5520-1时，show failover：
　　ASA5520(config)# sh fa
　　Failover On
　　Failover unit Secondary
　　Failover LAN Interface: failover Management0/0 (Failed – No Switchover)
　　Unit Poll frequency 1 seconds, holdtime 15 seconds
　　Interface Poll frequency 15 seconds
　　Interface Policy 1
　　Monitored Interfaces 2 of 250 maximum
　　Version: Ours 7.0(8), Mate 7.0(8)
　　Last Failover at: 10:00:56 UTC Sep 7 2009
　　This host: Secondary – Active
　　Active time: 7 (sec)
　　slot 0: ASA5520 hw/sw rev (2.0/7.0(8)) status (Up Sys)
　　slot 1: empty
　　Interface outside (100.1.1.1): No Link (Waiting)
　　Interface inside (192.168.0.1): No Link (Waiting)
　　Other host: Primary – Failed
　　Active time: 1726 (sec)
　　slot 0: ASA5520 hw/sw rev (2.0/7.0(8)) status (Up Sys)
　　slot 1: empty
　　Interface outside (0.0.0.0): Unknown (Waiting)
　　Interface inside (0.0.0.0): Unknown (Waiting)
　　Stateful Failover Logical Update Statistics
　　Link : Unconfigured.
　　ASA5520(config)#
　　-------------------------End-------------------------

查看完整版本: Cisco ASA5520 Failover配置