Stateful Failover link failedNo failoverNo actionNo actionState information becomes out of date, and sessions are terminated if a failover occurs.Interface failure on active unit above thresholdFailoverMark active as failedBecome activeNone.Interface failure on standby unit above thresholdNo failoverNo actionMark standby as failedWhen the standby unit is marked as failed, then the active unit does not attempt to fail over even if the interface failure threshold is surpassed.
33-6Cisco ASA 5500 Series Configuration Guide using the CLIOL-18970-03Chapter 33 Configuring Active/Standby FailoverLicensing Requirements for Active/Standby FailoverOptional Active/Standby Failover SettingsYou can configure the following Active/Standby failover options when you initially configuring failover or after failover has been configured:•HTTP replication with Stateful Failover—Allows connections to be included in the state information replication.•Interface monitoring—Allows you to monitor up to 250 interfaces on a unit and control which interfaces affect your failover.•Interface health monitoring—Enables the security appliance to detect and respond to interface failures more quickly.•Failover criteria setup—Allows you to specify a specific number of interfaces or a percentage of monitored interfaces that must fail before failover occurs.•Virtual MAC address configuration—Ensures that the secondary unit uses the correct MAC addresses when it is the active unit, even if it comes online before the primary unit. Licensing Requirements for Active/Standby FailoverThe following table shows the licensing requirements for this feature:Prerequisites for Active/Standby FailoverActive/Standby failover has the following prerequisites:•Both units must be identical security appliances that are connected to each other through a dedicated failover link and, optionally, a Stateful Failover link.•Both units must have the same software configuration and the proper license.•Both units must be in the same mode (single or multiple, transparent or routed).Guidelines and LimitationsThis section includes the guidelines and limitations for this feature.Context Mode Guidelines•Supported in single and multiple context mode. •For multiple context mode, perform all steps in the system execution space unless otherwise noted. ModelLicense RequirementASA 5505Security Plus License. (Stateful failover is not supported).ASA 5510Security Plus License.All other modelsBase License.
33-7Cisco ASA 5500 Series Configuration Guide using the CLIOL-18970-03Chapter 33 Configuring Active/Standby FailoverConfiguring Active/Standby FailoverFirewall Mode Guidelines•Supported in transparent and routed firewall mode. IPv6 Guidelines•IPv6 failover is supported.