20-17
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 20 Configuring the ASA 5585-X IPS SSP
Failover Scenarios
• If the ASAs are configured in fail-close mode, and if the ASA 5585-X IPS SSP on the active ASA
experiences a SensorApp crash or a service pack upgrade, failover is triggered and traffic passes
through the ASA 5585-X IPS SSP that was previously the standby for the ASA 5585-X IPS SSP.
Configuration Examples
Use the following configuration for the primary ASA:
interface GigabitEthernet0/7
description LAN Failover Interface
failover
failover lan unit primary
failover lan interface folink GigabitEthernet0/7
failover interface ip folink 172.27.48.1 255.255.255.0 standby 172.27.48.2
Use the following configuration for the secondary ASA:
interface GigabitEthernet0/7
description LAN Failover Interface
failover
failover lan unit secondary
failover lan interface folink GigabitEthernet0/7
failover interface ip folink 172.27.48.1 255.255.255.0 standby 172.27.48.2