-- Configuração inicial:
ASA1(config)# interface Ethernet0/1
ASA1(config-if)# nameif outside
ASA1(config-if)# security-level 0
ASA1(config-if)# ip address 1.1.1.1 255.255.255.0 standby 1.1.1.2
ASA1(config-if)# no shut
ASA1(config)# interface Ethernet0/0
ASA1(config-if)# nameif inside
ASA1(config-if)# security-level 100
ASA1(config-if)# ip address 10.0.0.1 255.255.255.0 standby 10.0.0.2
ASA1(config-if)# no shut
ASA2(config)# interface Ethernet0/1
ASA2(config-if)# nameif outside
ASA2(config-if)# security-level 0
ASA2(config-if)# ip address 1.1.1.2 255.255.255.0
ASA2(config-if)# no shut
ASA2(config)# interface Ethernet0/0
ASA2(config-if)# nameif inside
ASA2(config-if)# security-level 100
ASA2(config-if)# ip address 10.0.0.2 255.255.255.0
ASA2(config-if)# no shut
-- Configuração do "Failover":
ASA1(config)# failover
ASA1(config)# failover lan unit primary
ASA1(config)# failover lan interface FOCONTROL e0/2
ASA1(config)# failover interface ip FOCONTROL 192.168.21.1 255.255.255.252 standby 192.168.21.2
ASA1(config)# failover link FOSTATE e0/3
ASA1(config)# failover interface ip FOSTATE 192.168.21.5 255.255.255.252 standby 192.168.21.6
ASA1(config)# failover key cisco
ASA1(config)# failover polltime msec 200 holdtime msec 800
ASA1(config)# copy running-config disk0:/.private/startup-config
ASA2(config)# failover
ASA2(config)# failover lan unit secondary
ASA2(config)# failover lan interface FOCONTROL e0/2
ASA2(config)# failover interface ip FOCONTROL 192.168.21.1 255.255.255.252 standby 192.168.21.2
ASA2(config)# failover key cisco
ASA2(config)# failover polltime msec 200 holdtime msec 800
ASA2(config)# copy running-config disk0:/.private/startup-config
-- Testar desligando o principal:
Aparece no ASA2 "Switching To Active"
-- Executar os seguintes comandos e verificar o status dos ASAs:
show failover
show failover interface
DESCARREGAR AS CONFIGS AQUI
Sem comentários:
Enviar um comentário