Stateless (regular) and stateful failover, Stateless (regular) failover – Cisco ASA 5505 User Manual
Page 1297
61-9
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 61 Information About High Availability
Stateless (Regular) and Stateful Failover
Note
The ASA 5505 does not support multiple context mode or Active/Active failover.
VPN is not supported in multiple context mode or Active/Active failover.
If you are running the ASA in multiple context mode, then you can configure either Active/Active
failover or Active/Standby failover.
•
To allow both members of the failover pair to share the traffic, use Active/Active failover. Do not
exceed 50% load on each device.
•
If you do not want to share the traffic in this way, use Active/Standby or Active/Active failover.
provides a comparison of some of the features supported by each type of failover
configuration.
Stateless (Regular) and Stateful Failover
The ASA supports two types of failover, regular and stateful. This section includes the following topics:
•
Stateless (Regular) Failover, page 61-9
•
Stateless (Regular) Failover
When a failover occurs, all active connections are dropped. Clients need to reestablish connections when
the new active unit takes over.
Note
In Version 8.0 and later, some configuration elements for clientless SSL VPN (such as bookmarks and
customization) use the VPN failover subsystem, which is part of Stateful Failover. You must use Stateful
Failover to synchronize these elements between the members of the failover pair. Stateless (regular)
failover is not recommended for clientless SSL VPN.
Table 61-1
Failover Configuration Feature Support
Feature
Active/Active
Active/Standby
Single Context Mode
No
Yes
Multiple Context Mode
Yes
Yes
Traffic Sharing Network Configurations
Yes
No
Unit Failover
Yes
Yes
Failover of Groups of Contexts
Yes
No
Failover of Individual Contexts
No
No