Cisco ASA firewall swap

发布时间:2020-07-03 15:25:17 作者:bobo5620301hotm
来源:网络 阅读:438

Cisco ASA FW replacement Active sand Standby Mode
思科防火墙 更换

must make sure the cross connection is there.

  1. must have written connection for DC to check
  2. must make sure the lincense is there show verion
  3. Must have a roll back plane.
  4. Must communication effectively with DC guys.

show X
Show arp
show ×××-session L2l
sh run nat

Primary A
Gi1/1 to Switch
Gi1/2 to Switch
GI1/8 to Sec B Gi1/8 ( cross connect)
Secondary B

New Primay C
New Secondary D

Step 1.
Move all the connection from B to New Secondary D ( include cross connect)

Step 2.
Failover over the Active to New Secondary D ( in new D failover active)
show failvoer state
Step 3.
Move all the connection from A to new C.
Show failvoer state

Step 3.
Move the Active FW to new C. ( in C failvoer active)

show xlate
show arp
ping host to see if its live
show -session-l2l to check tunnel status.

因为跟换的时候是一台一台更换的。

导致我在更换的时候,
比如 Old Primary 和 New Sec D 的时候, 怎么也不工作, 原来他们之间的
Failover Link 没有连起来

Suppose
Old Primary Failvoer link to New Sec D Failover link.

现实连的是
New Priamary C Failover link to New Sec D failover link.

Note: cross connect = Failvoer link.

是主防火墙 和备用防火墙之间的通信连接

推荐阅读:
  1. Cisco 安全设备管理工具 (SDM)
  2. python把字符串换成元组的方法

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

cisco asa fir

上一篇:学习Python可以用来干什么

下一篇:Oracle Study之--AIX 6.1安装Oracle 11gR2

相关阅读

您好,登录后才能下订单哦!

密码登录
登录注册
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》