I currently have a set of ASA 5510s with security plus, configured with state full active standby fail-over. They have been working for months, running an IPSEC remote access VPN, as well as some OSPF and VLAN stuff etc.
Today I needed to add in webvpn, which is where the problem came.
Once I entered webvpn enable outside, I lost connection to the firewall, and when I went to look at them, both boxes were not active, instead of the secondary being standby, which is why I was unable to get to it. So I powered off the second one, and the primary started working just fine.
I have not been able to figure out why enabling webvpn caused me to loose connection to the firewall for 1, but even if that is normal, why did it make the secondary firewall go active?
I checked the configured on the second firewall, and all configuration is replicated except the webvpn and webvpn sub configuration commands, which is very odd. I am not having a problem getting the secondary firewall re-synced with the primary, and was wondering if anyone has seem similar problems. I ended up clearing the configuration on the secondary and unplugging it, and then only putting the fail-over commands in, and trying to start that one from scratch, but no luck,the configuration wont sync and if I do write standby for manual sync, it says in progress, try again later, but its been that way for hours etc, so not sure what could be wrong there. I am thinking something is just hung and I may need to reboot the primary, but this is a production firewall, so would be the last resort.
Any help is appreciated, thanks.