ASA interfaces in Normal(Waiting) state

Unanswered Question
May 20th, 2007


I am having two ASA 5540 running 7.2.2.Both are confgured for Active/Standby Failover. I have three interfaces configured.

Whichever ASA is Active In the "show failover" output two of those interfaces in active unit are in Normal state while the same interface in the Secondary is in Normal(Waiting) state. The third interface in the active is in Normal(Waiting) state, but the same interface in the Standby is in Normal state.

This is regardless of any unit becoming Active. I have downgraded to other OS also 7.0(2) also, but still the same result.

The failover is working perfectly, when either one unit goes down or one interface goes down. I can not find any cosmetic bugs also in the Cisco site.

Can anyone help me in this?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Fri, 05/25/2007 - 08:35

I think the problem could be with the switch not tagging the packets properly (if in trunk mode). The interfaces are in waiting which means that they are not receiving failover hello packets on the interface from the other firewall. This means one of three things:

1. The firewall interfaces with the problem do not have a standby ip configured.

2. The two interfaces of the firewalls are not in the same layer 2 broadcast domain or

3. The other firewall is not configured for failover, or there is some configuration synchronization problem.


This Discussion