cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
568
Views
0
Helpful
4
Replies

Lost telnet to secondary ASA 5510

demo20dog
Level 1
Level 1

ver Version 8.0(3)12

ASA5510 inb active/standby configuration. Somewhere along the line I've lost telnet when failed over to the secondary unit. The firewall passes traffic and I can manage it from ASDM. Nmap shows the primary listening on port 23 but not the secondary when it has the active role. Can't think of any recent changes to the 2 interfaces configured for telnet. I did change the speed of the outside interface to auto to match the ethernet port, but telnet was not bound to e0/0 anyway. I suppose I could rebuild failover from scratch .....

4 Replies 4

torchris
Level 1
Level 1

Could you provide the logs of the time you try to telnet to the other unit?

Probably that will give you the information that you need.

No can do. The secondary unit isn't listening on port 23, there aren't any log entries. As a matter of fact, I can't find any log entries for telnet on the primary unit. Let me look into that some more.

Hi,

Are you sure that the failover is successfully being established between both of the peers (Can you please show us the result of "show failover" command)

Cheers,

Failover looks good, and I've lost telnet on both the active and secondary units. Btw, I want to migrate to ssh in any case, once I figure this out;

ssh 0 0 inside

crypto key gen rsa

but I get a warning message;

" you have a RSA keypair already defined named "

If I overwrite this will ASDM use the new keypair?

Here's the output of sho failover;

Failover On

Failover unit Primary

Failover LAN Interface: FOVER Management0/0 (up)

Unit Poll frequency 1 seconds, holdtime 15 seconds

Interface Poll frequency 5 seconds, holdtime 25 seconds

Interface Policy 1

Monitored Interfaces 3 of 250 maximum

Version: Ours 8.0(3)12, Mate 8.0(3)12

Last Failover at: 15:23:33 EST Dec 2 2008

This host: Primary - Active

Active time: 1013695 (sec)

slot 0: ASA5510 hw/sw rev (2.0/8.0(3)12) status (Up Sys)

Interface Outside (x.x.x.x): Normal

Interface inside (10.0.0.1): Normal

Interface Corp (192.168.128.1): Normal

slot 1: empty

Other host: Secondary - Standby Ready

Active time: 13326 (sec)

slot 0: ASA5510 hw/sw rev (2.0/8.0(3)12) status (Up Sys)

Interface Outside (x.x.x.x): Normal

Interface inside (10.0.0.8): Normal

Interface Corp (192.168.128.3): Normal

slot 1: empty

Stateful Failover Logical Update Statistics

Link : FOVER Management0/0 (up)

Stateful Obj xmit xerr rcv rerr

General 176362412 46886 1642025 0

sys cmd 136700 0 136700 0

up time 0 0 0 0

RPC services 0 0 0 0

TCP conn 166859940 45379 1417487 0

UDP conn 6779062 1507 55863 0

ARP tbl 2586710 0 31975 0

Xlate_Timeout 0 0 0 0

VPN IKE upd 0 0 0 0

VPN IPSEC upd 0 0 0 0

VPN CTCP upd 0 0 0 0

VPN SDI upd 0 0 0 0

VPN DHCP upd 0 0 0 0

SIP Session 0 0 0 0

Logical Update Queue Information

Cur Max Total

Recv Q: 0 25 1653884

Xmit Q: 0 27 177376268

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: