ACTIVE / STANDBY FAILOVER CONFIGURATION

ASA CONFIGURATION

CERTVIDEOS/pri/act# show running-config

: Saved

:

ASA Version 8.4(2)

!

terminal width 300

hostname CERTVIDEOS

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface GigabitEthernet0

nameif inside

security-level 100

ip address 192.168.1.2 255.255.255.0 standby 192.168.1.3

!

interface GigabitEthernet1

description LAN Failover Interface

!

interface GigabitEthernet2

description STATE Failover Interface

!

interface GigabitEthernet3

nameif outside

security-level 0

ip address 172.16.1.2 255.255.255.0 standby 172.16.1.3

!

interface GigabitEthernet4

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet5

shutdown

no nameif

no security-level

no ip address

!

ftp mode passive

access-list inside-in extended permit ip any any

access-list outside-in extended permit ip any any

pager lines 24

mtu inside 1500

mtu outside 1500

failover

failover lan unit primary

failover lan interface FOLINK GigabitEthernet1

failover key *****

failover link SFLINK GigabitEthernet2

failover interface ip FOLINK 192.168.2.2 255.255.255.0 standby 192.168.2.3

failover interface ip SFLINK 192.168.3.2 255.255.255.0 standby 192.168.3.3

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

access-group inside-in in interface inside

access-group outside-in in interface outside

route inside 10.1.1.0 255.255.255.0 192.168.1.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

user-identity default-domain LOCAL

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet timeout 5

ssh timeout 5

console timeout 0

!

tls-proxy maximum-session 10000

!

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

!

!

prompt hostname priority state

no call-home reporting anonymous

call-home

profile CiscoTAC-1

no active

destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService

destination address email callhome@cisco.com

destination transport-method http

subscribe-to-alert-group diagnostic

subscribe-to-alert-group environment

subscribe-to-alert-group inventory periodic monthly

subscribe-to-alert-group configuration periodic monthly

subscribe-to-alert-group telemetry periodic daily

crashinfo save disable

Cryptochecksum:bd192395403272e1f78f2c653a6c6723

: end

CERTVIDEOS/pri/act#

ROUTER CONFIGURATION

ROUTER#show running-config

Building configuration...

Current configuration : 811 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname ROUTER

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

no ip domain lookup

!

multilink bundle-name authenticated

!

!

!

archive

log config

hidekeys

!

!

interface FastEthernet0/0

ip address 10.1.1.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.1.1 255.255.255.0

duplex auto

speed auto

!

ip forward-protocol nd

ip route 172.16.0.0 255.255.0.0 192.168.1.2

!

!

no ip http server

no ip http secure-server

!

!

control-plane

!

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

login

!

!

end

ROUTER#