By
default, each physical ASA interface operates independently of any
other interface. When an interface is down, the ASA can not send or
receive any data through it. To keep an ASA interface up and active all
the time, you can configure a logical interface having a pair of
physical interfaces set aside for the same function and connected to the
same network and only one is active at any given time, the other stays
in a standby state. The pair physical interfaces must be the same type
(config)#interface redundant x /* Create the redundant or the logical interface. x could be any number from 0 to 8 */
(config-if)#member-interface ethernet0/1 /*add a physical interface as a member of the redundant one*/
(config-if)#member-interface ethernet0/2
(config-if)#no shut
(config-if)#ip add ..... ..... /*ip address should be configured on the logical interface not the physical*/
(config-if)#nameif inside | outside /*the name of the interface is configured on the logical interface */
(config-if)#security-level ... /*the security level is configured on the logical interface*/
(config-if)#do show interface redundant x
(config)#interface ethernet0/1
(config-if)#no shut /*even though we have activated the logical interface, the physical must also be*/
(config-if)#exit
(config)#interface ethernet0/2
(config-if)#no shut
No comments:
Post a Comment