Documentation forNetwork Performance Monitor
Monitoring network performance is a key capability of SolarWinds Observability Self-Hosted (formerly Hybrid Cloud Observability) and is available in the Essentials edition. Network Performance Monitor (NPM) is also available in a standalone module.

High Availability for ASA

This widget summarizes Cisco ASA high availability information for the node, such as the active context, high availability type, and last failover information.

Click the context name to view more details.

SolarWinds recommends that you configure a standby IP address for active ASA interfaces.

ASA high availability node statuses

The color of the circle indicates the node status.

Icon Description/Action
The node is up and running.
The node's status is Warning. The node did not respond to a ping request and is fast-polled for 120 seconds.

The node is not monitored in NPM. For details, see Troubleshoot Unknown nodes.
Add the node as monitored to get details about the node, such as the node name.

If the node is monitored with NPM, verify that you configured both an IP address and a stand-by IP address for each active ASA interface so the node can be paired correctly.
The node is down. The node did not respond during the fast-poll period of 120 seconds.

Labels next to the icons tell you what type of ASA high availability is configured, and the role of individual nodes:

  • Standby/Active
  • Primary/Secondary

ASA high availability device statuses

NPM polls the following high availability statuses on ASA devices. NPM orders the statuses according to importance with device issues listed first.

  • Standby ready (up, down, or unknown)

    • ASA devices (active and standby) see each other and agree that the standby ASA is ready for failover.

  • Configuration state (up, down, or unknown)

    • If the Configuration state is synced, both ASA devices report that the configuration is synchronized.

    If the Configuration state is not synced, ASA devices report that the configuration is not synchronized. If you have NCM installed, click to see the configuration difference.

  • Connection state sync (up, down, or unknown)

    • State - synced means that both ASA devices report that the high availability state is synchronized.

The overall high availability status is indicated by the color of the line:

  • Critical status (red): the Standby ready status is down, and the Configuration state and Connection sync are not relevant.
  • Warning status (yellow): the Standby ready status is up, and Configuration and Connection states are either down or unknown.
  • Up (green): the Standby ready status is up, and the other states are either up or unknown.
  • Unknown (gray): the Standby ready status is unknown, and the other statuses are either up or unknown.

Configure a standby IP address for active interfaces

To find out what interfaces on the ASA you need to configure an IP address and a standby IP for, run the following command:

# show failover

This command lists all interfaces that have nameif specified. Both IP and standby IP address must be correctly configured for them.

To verify the configuration, run the following command on the primary ASA node:

# show run interface

If the standby address is configured, it is displayed in the ip address line, after standby:

interface GigabitEthernet0/4
nameif OUTSIDE
security-level 0
ip address 192.168.100.10 255.255.255.0 standby 192.168.100.11

If the standby address is not specified, run the following commands to configure it:

# configure terminal
# interface GigabitEthernet 0/4
# ip address 192.168.100.10 255.255.255.0 standby 192.168.100.11

For more information on configuring standby interfaces, contact your device vendor.