Cisco ASA
Latest revision as of 22:20, 21 January 2025
Summary
Cisco ASA (Adaptive Security Appliance) is a robust, multifunctional security device designed by Cisco Systems to provide advanced firewall capabilities and other network security features. It is widely used in enterprise and service provider networks to protect against cyber threats, manage traffic, and ensure secure connectivity.
HA/Redundancy
Manual Failover
Manually fail over a group to the peer firewall:
admin# changeto system
show failover
failover active group 2
(this makes the currently logged-in firewall active for group 2)
Move Context
Move context from group 2 to group 1:
Note: All groups must be on the same firewall before you can move a context to another group.
admin# changeto system
# failover active group 2
# conf t
(config)# context fw02
(config-ctx)# join-failover-group 1
(config-ctx)# end
# wr mem
# no failover active group 2
VPN
Debug
Debug Specific Peer
# debug crypto condition peer 1.1.1.1
# debug crypto ikev2 protocol 127
Stop All Debugs
# undebug all