ASA 5510 Active/Passive
Currently i'm configuring two ASA 5510 firewall for Active/Passive mode.
This is my first time configuring this so i have some concern.
I understand that we need to configure a IP address and a standby address on each interface
(Example: As below) Configure the same in both ASA5510
ip address 10.33.10.31 255.255.255.0 standby 10.33.10.30
ip address 10.33.20.31 255.255.255.0 standby 10.33.20.30
My question is: what is the main purpose of the standby IP as the both firewall are having the same configuration.
My concern: currently my core switch default route is route to 10.33.10.31 then what will happen if the 2nd firewall takes over will my users be able to go out to external sites ? Will the standby IP be the active IP on the 2nd firewall inside interface.
Appreciate all your advice