Cisco ASA firewall swap（cisco packet tracer）

Cisco ASA firewall swap（cisco packet tracer）

Cisco ASA FW replacement Active sand Standby Mode 思科防火墙 更换

must make sure the cross connection is there.

must have written connection for DC to check must make sure the lincense is there show verion Must have a roll back plane. Must communication effectively with DC guys.

show X Show arp show ×××-session L2l sh run nat

Primary A Gi1/1 to Switch Gi1/2 to Switch GI1/8 to Sec B Gi1/8 ( cross connect)Secondary B

New Primay C New Secondary D

Step 1. Move all the connection from B to New Secondary D ( include cross connect)

Step 2. Failover over the Active to New Secondary D ( in new D failover active)show failvoer state Step 3. Move all the connection from A to new C. Show failvoer state

Step 3. Move the Active FW to new C. ( in C failvoer active)

show xlateshow arp ping host to see if its liveshow -session-l2l to check tunnel status.

因为跟换的时候是一台一台更换的。

导致我在更换的时候， 比如 Old Primary 和 New Sec D 的时候， 怎么也不工作， 原来他们之间的Failover Link 没有连起来

Suppose Old Primary Failvoer link to New Sec D Failover link.

现实连的是 New Priamary C Failover link to New Sec D failover link.

Note: cross connect = Failvoer link.

是主防火墙 和备用防火墙之间的通信连接

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。