版本为ASA8.2
ASA5550-1:
enable
config terminal

interface GigabitEthernet1/0
nameif inside #命令接口#
security-level 100 #设置接口安全级别,低不能访问高#
ip address 192.168.1.1 255.255.255.0 standby 192.168.1.2 #standby是对应另一台备份接口IP#
no shutdown

interface GigabitEthernet0/0
nameif outside
security-level 0
ip address 172.16.1.1 255.255.255.0 standby 172.16.1.2
no shutdown
exit


failover lan unit primary #设置为主防火墙#

failover lan interface folink GigabitEthernet0/2 #设置G0/2为failover接口,该接口作为同步配置

,心跳用#
failover interface ip folink 10.0.0.1 255.255.255.252 standby 10.0.0.2 #设置G0/2的IP,及对应

另一台备份接口IP#
interface GigabitEthernet0/2
no shutdown
exit

failover link stateful_folink GigabitEthernet0/3 #设置G0/3为stateful failover接口,该接口主

要同步会话状态#
failover interface ip stateful_folink 10.0.0.5 255.255.255.252 standby 10.0.0.6
interface GigabitEthernet0/2
no shutdown
exit

failover #启动failover#
copy run start #保存配置#

ASA5550-2:
备机配置很简单,只要配置下面几条,因为他们的配置会自动同步的。
failover lan unit secondary

failover lan interface folink GigabitEthernet0/2
failover interface ip folink 10.0.0.1 255.255.255.252 standby 10.0.0.2
interface GigabitEthernet0/2
no shutdown
exit

failover
copy run start

开启telnet:
username cisco password cisco #telnet设置用户名和密码#
aaa authentication telnet console LOCAL # 设置telnet验证方式#
tenet 0.0.0.0 0.0.0.0 inside #运行内部所有电脑可以telnet到ASA#
telnet timeout 5