ASA in failover mode, can't login to primary to make active.

ttrevino1 · ‎04-26-2007

We have a 5520 and just added a failover unit. I just upgraded the IPS to 5.1(5)-E1 on the primary, so when it reloaded, it failed-over to the secondary. Now I can't make the primary active again, nor can I login to the secondary. I get the user ID and password prompt, but after I put in the password, it eventually gives me a new user ID and p/w prompt.

Please help!!! :o)

sachinraja · ‎04-26-2007

Hello,

Hve you consoled to both the boxes and seeing it working fine ?? if so, you can remove the stateful failover cable and switch off the primary firewall to see if it works alone with the failover.. in ASA anyway, unlike PIX, where u have a failover license, the failover firewall can work fine and is just the same as the active firewall.. so, see if it works fine with the failover unit.. if so, try the same with the active unit, in a standalone scenario.. if it works too, u can connect the failover cable after upgrading the second IPS also to the same IOS, since the two hardware/software on failover pair, must be identical..

Hope this helps.. let us know.. all the best.. rate replies if found useful..

Raj

ttrevino1 · ‎04-26-2007

Hey Raj, it is working on the failover fine, everything is passing through with no problems. I'm going to disable the failover tonight, and upgrade the secondary IPS.

Thanks for the advice.