Stateful Failover link failed No failover No action No action State information

Stateful Failover link failed No failover No action No action State information becomes out of date, and sessions are terminated if a failover occurs. Interface failure on active unit above threshold Failover Mark active as failed Become active None. Interface failure on standby unit above threshold No failover No action Mark standby as failed When the standby unit is marked as failed, then the active unit does not attempt to fail over even if the interface failure threshold is surpassed.

33-6 Cisco ASA 5500 Series Configuration Guide using the CLI OL-18970-03 Chapter 33 Configuring Active/Standby Failover Licensing Requirements for Active/Standby Failover Optional Active/Standby Failover Settings You can configure the following Active/Standby failover options when you initially configuring failover or after failover has been configured: • HTTP replication with Stateful Failover—Allows connections to be included in the state information replication. • Interface monitoring—Allows you to monitor up to 250 interfaces on a unit and control which interfaces affect your failover. • Interface health monitoring—Enables the security appliance to detect and respond to interface failures more quickly. • Failover criteria setup—Allows you to specify a specific number of interfaces or a percentage of monitored interfaces that must fail before failover occurs. • Virtual MAC address configuration—Ensures that the secondary unit uses the correct MAC addresses when it is the active unit, even if it comes online before the primary unit. Licensing Requirements for Active/Standby Failover The following table shows the licensing requirements for this feature: Prerequisites for Active/Standby Failover Active/Standby failover has the following prerequisites: • Both units must be identical security appliances that are connected to each other through a dedicated failover link and, optionally, a Stateful Failover link. • Both units must have the same software configuration and the proper license. • Both units must be in the same mode (single or multiple, transparent or routed). Guidelines and Limitations This section includes the guidelines and limitations for this feature. Context Mode Guidelines • Supported in single and multiple context mode. • For multiple context mode, perform all steps in the system execution space unless otherwise noted. Model License Requirement ASA 5505 Security Plus License. (Stateful failover is not supported). ASA 5510 Security Plus License. All other models Base License.

33-7 Cisco ASA 5500 Series Configuration Guide using the CLI OL-18970-03 Chapter 33 Configuring Active/Standby Failover Configuring Active/Standby Failover Firewall Mode Guidelines • Supported in transparent and routed firewall mode. IPv6 Guidelines • IPv6 failover is supported.