ASA in failover mode, can't login to primary to make active.

Unanswered Question
Apr 26th, 2007

We have a 5520 and just added a failover unit. I just upgraded the IPS to 5.1(5)-E1 on the primary, so when it reloaded, it failed-over to the secondary. Now I can't make the primary active again, nor can I login to the secondary. I get the user ID and password prompt, but after I put in the password, it eventually gives me a new user ID and p/w prompt.

Please help!!! :o)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
sachinraja Thu, 04/26/2007 - 05:47


Hve you consoled to both the boxes and seeing it working fine ?? if so, you can remove the stateful failover cable and switch off the primary firewall to see if it works alone with the failover.. in ASA anyway, unlike PIX, where u have a failover license, the failover firewall can work fine and is just the same as the active firewall.. so, see if it works fine with the failover unit.. if so, try the same with the active unit, in a standalone scenario.. if it works too, u can connect the failover cable after upgrading the second IPS also to the same IOS, since the two hardware/software on failover pair, must be identical..

Hope this helps.. let us know.. all the best.. rate replies if found useful..


ttrevino1 Thu, 04/26/2007 - 07:09

Hey Raj, it is working on the failover fine, everything is passing through with no problems. I'm going to disable the failover tonight, and upgrade the secondary IPS.

Thanks for the advice.


This Discussion