07-27-2007 06:13 AM - edited 03-11-2019 03:50 AM
One FWSM failed - H/W fault. A new FWSM was used to replace failed module. Since then we cannot get redundancy to work.
Could it be that one FWSM is at version 2.3(3) and the other one is at 2.3(2). But customer said that this difference was there even before and they did not have any problem before the H/W fault.
CFW001(config)# failover
CFW001(config)#
CFW001(config)#
CFW001#
CFW001#
Detected an Active mate
CFW001#
CFW001#
Vlan configuration mismatch
Failover will be disabled
CFW001#
CFW001#
CFW001# sh vlan
2-9, 11, 15, 17-29 , 31-33 , 37-40 , 48-50
CFW001#
CFW001# sh failover
Failover Off (pseudo-Standby)
Failover unit Secondary
Failover LAN Interface lfover Vlan 49
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 15 seconds
Interface Policy 50%
Monitored Interfaces 0 of 250 maximum
failover replication http
CFW001#
07-27-2007 07:12 AM
Hi
The times when i get a vlan configuration mismatch message is when there is a discrepancy between the vlans that have been allocated to the FWSM.
Could you confirm whether the "firewall multiple-vlan-interfaces" is present on CSW002 ?.
If it isn't and you have 2 or more vlans that have routed interfaces on the CSW002 switch it may well decide to not allocate one of the vlans leading to a vlan mismatch.
HTH
Jon
07-27-2007 12:30 PM
I believe only hitless upgrade is supported between minor versions but they both needs to running identical software, licenses and same VLAN configurations
07-27-2007 05:09 PM
Jon,
That was my firts reaction when I looked at the two CAT6500 configs and asked customer to have this command
firewall multiple-vlan-interfaces
in both switches.
This morning he did and the result was still the same as before. Problem is still there.
Vara,
What is hitless upgrade - any pointers / urls explaining this?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: