By
 default, each physical ASA interface operates independently of any 
other interface. When an interface is down, the ASA can not send or 
receive any data through it. To keep an ASA interface up and active all 
the time, you can configure a logical interface having a pair of 
physical interfaces set aside for the same function and connected to the
 same network and only one is active at any given time, the other stays 
in a standby state. The pair physical interfaces must be the same type
 (config)#interface redundant x  /* Create the redundant or the logical interface. x could be any number from 0 to 8 */
(config-if)#member-interface  ethernet0/1  /*add a physical interface as a member of the redundant one*/
(config-if)#member-interface ethernet0/2
(config-if)#no shut
(config-if)#ip add ..... .....        /*ip address should be configured on the logical interface not the physical*/
(config-if)#nameif  inside | outside       /*the name of the interface is configured on the logical interface */ 
(config-if)#security-level ...      /*the security level is configured on the logical interface*/
(config-if)#do show  interface redundant x
(config)#interface ethernet0/1
(config-if)#no shut      /*even though we have activated the logical interface, the physical must also be*/ 
(config-if)#exit
(config)#interface ethernet0/2
(config-if)#no shut 
 
No comments:
Post a Comment