ASA Clustering Layer 3 Quick Configuration
post by: Moses Frost
ASA for many years now has had clustering for data center networking and even to a certain extent for edge internet deployments. There are some interesting clustering requirements you can read about in their documentation: http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/release/notes/asarn94.html
There are several misconceptions however that arise with clustering.
- It requires layer 2 only, or transparent mode.
- It requires multi-context or contextual firewalls
- It requires VPC or some other Layer 2 technology like VSS.
That’s not 100% true, although it may not be the most recommended solution, you can deploy a cluster in Layer 3 mode. Here is a quick gist that shows you how it’s done. Before going to production with something like, consult Cisco the Manufacturer or one it’s rep’s to guide you through the process.