Software Version 8.0 introduces the capability to create redundant interface pairs that group multiple physical interfaces into a logical group to provide an active/standby environment. When the active interface fails, the standby interface becomes active and starts passing traffic. This feature offers increased reliability and ensures traffic will pass when there is a problem with a physical interface. Note that this feature is separate from device-level failover. Redundant interfaces can be configured along with regular failover configuration. The Security Appliance supports up to eight redundant interface pairs.
Perform the following steps to configure a redundant interface on the Security Appliance.
Step 1. | Enable the logical redundant interface by using the following commands from the global configuration mode. The number argument is an integer value between 1 and 8. firewall(config)# interface redundant number |
Step 2. | Add the first member interface to the redundant interface logical group. firewall(config-if)# member-interface 1st_physical_interface |
Step 3. | Add the second member interface to the redundant interface logical group. firewall(config-if)# member-interface 2nd_physical_interface |
Use the show interface redundantnumber detail command to view the redundant interface settings and also to determine which interface is currently active. By default, the first member interface in the configuration is active. However, this can be changed by using the redundant-interface redundantnumber active-member physical_interface command.