Hello,
I was wondering about the effects of changing the failover IP address on a set of ASA's in failover mode.
The reason why I want to change it: I want to run RIP between the ASA's and a set of VPN concentrators, and if I add the network config (10.0.0.0, too bad I can't use subnets there even with RIPv2), I get the error that you can't run RIP on the failover interface, so I want to move that interface out of 10.0.0.0/8.
Now, if no one objects to that reasoning :-), I am wondering how I can best do this, since the 2 ASA's are 60km apart, and unfortunately I don't have 2 spare devices available to test it on.
So... which of the 3 scenario's would be the right one and (that would be really nice) tested by someone in real life:
- run "failover interface ip failover 172.31.1.1 255.255.255.0 standby
- run "failover interface ip failover 172.31.1.1 255.255.255.0 standby
- have someone connected at each ASA, disconnect the standby one, connect serial console, run the command there, run it on the online ASA, reconnect the standby on, all are happy except for the person who has to drive back :-)
Thanks in advance,
Greetings
Mark