PIX failover I.

johnleeee · ‎07-10-2007

Hi all,

Id like to consult my first problem related

to failover configured on PIXs 525 with ver. 7.0.4. I constantly see this message

on secondary PIX :

%PIX-3-210005: LU allocate connection failed

But when I look at free mem (CLI command

show mem) I see that free mem. is 74 % on both PIXs.

So any idea?

BR

jl

timkaye · ‎07-10-2007

Hello.

Maybe there is suspect RAM?

It would be interesting to see if this occurs when the unit is secondary - active.

Are the units identical?

Taken from log message information

Error Message %PIX-3-210005: LU allocate connection failed

Explanation Stateful Failover cannot allocate a new connection on the standby unit. This may be caused by little or no RAM memory available within the firewall.

Recommended Action Check the available memory using the show memory command to make sure the PIX Firewall has free memory in the system. If there is no available memory, add more physical memory to the firewall.

johnleeee · ‎07-11-2007

Hello,

thanks for your explanation. Yes, both PIXs are

identical. It is from definition of failover...

both PIXs has to be identical in SW and HW.

I read Error Message from Cisco you just wrote above but on both PIXs is 73% free memmory..

So why we see this message on secondary PIX....still ?

Any idea..?

BR

jl

timkaye · ‎07-11-2007

No idea sorry John.

Might be worthwile seeing if when you fail the pix you get the message on the standby unit (primary).

If not I'd be inclinded to follow up Cisco TAC (if you have support) and see what they recommend.