As there is no option for preempt in ASA active/standby configuration, does anyone have a suggestion for a workaround to confirm that primary ASA will always be active when it is up?
Cisco – Preempt in ASA a/s fail over
ciscocisco-asafailoverfirewall
Related Topic
- Cisco – Deploying Active/Standby ASA 5508-X pair – Need SMARTnet on both
- Cisco – 2-stacked switches with 2 uplinks to each ASA
- Cisco Switch Failover – Diverting Traffic to Standby ASA
- Active/Standby Cisco ASA failover without Sync
- Cisco ASA 5512 (OS 9.1(1)) HA failover issues
- Cisco ASA vPC configuration issue
Best Answer
According to Cisco, there are three ways for the formerly Active, now Standby, primary unit to again become Active:
You may be able to do something with an EEM script to fail an interface on the now Active secondary unit when the now Standby primary unit comes back up, and then restore the failed interface after the unit returns to Standby. This is a real kludge because this is not the design for Active/Standby.