Home
Certification Preparation
Cisco
CCNP
CCNP Security
Certificate requirements for 2 ASA in failover mode
liven
Ok,
have 2 asa devices only one is active at a time. When one fails the other assumes the IP of the failed device and hopefully the network and users never know the difference.
Now if I am going to use certificates in this situation for secure communications etc... Should I use the same certificate on both ASA devices? In my eyes it seems that this would make more sense over both devices having different certs....
Find more posts tagged with
Comments
dtlokee
Well since the secondary unit gets all of it's configuration from the primary unit they would have the same certificate. If you think about it this makes sense when you're using stateful failover where all of the IPSec SA's are maintained if the primary unit fails. The units effectively act as a single device.
liven
Look don't go and be MR. SMARTY PANTS ON ME!!!!
JK.
Thanks man, I pretty much knew the answer to this. But since your the man you just confirmed it for me!
Thanks.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
