Configure a Redundant Interface (ASA Platform Only)

A logical redundant interface consists of a pair of physical interfaces: an active and a standby interface. When the active interface fails, the standby interface becomes active and starts passing traffic. You can configure a redundant interface to increase the threat defense reliability. By default, redundant interfaces are enabled.

You can configure up to 8 redundant interface pairs.
Both member interfaces must be of the same physical type. For example, both must be GigabitEthernet.

Note	Redundant interfaces are not supported on the Firepower platform; only ASA 5500-X models support redundant interfaces.

Before you begin

You cannot add a physical interface to the redundant interface if you configured a name for it. You must first remove the name.

Caution

If you are using a physical interface already in your configuration, removing the name will clear any configuration that refers to the interface.

Procedure

Step 1	Select Devices > Device Management and click Edit () for your threat defense device. The Interfaces page is selected by default.
Step 2	Enable the member interfaces according to Enable the Physical Interface and Configure Ethernet Settings.
Step 3	Click Add Interfaces > Redundant Interface.
Step 4	On the General tab, set the following parameters: Redundant ID—Set an integer between 1 and 8. Primary Interface—Choose an interface from the drop-down list. After you add the interface, any configuration for it (such as an IP address) is removed. Secondary Interface—The second interface must be the same physical type as the first interface.
Step 5	Click OK.
Step 6	Click Save. You can now go to Deploy > Deployment and deploy the policy to assigned devices. The changes are not active until you deploy them.
Step 7	(Optional) Add a VLAN subinterface. See Add a Subinterface.
Step 8	Configure the routed or transparent mode interface parameters. See Configure Routed Mode Interfaces or Configure Bridge Group Interfaces.