Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2170
Views
5
Helpful
7
Replies

Failover failed in ASA 5510

Go to solution
francisco del cura ferreira
Level 1
Level 1

‎08-03-2009 06:34 AM - edited ‎03-11-2019 09:01 AM

Hello:

Hope someone can help me in this issue, today I spent several hours in it but I wasn't be able to fix it.

Two ASA 5510 appliances configured for failover through management interface. At the beginning, both were connected to a switch with 2 sub-interfaces in each one, one VLAN for sinchro and the other one for stateful.

As it didn't work I connected both ASA directly configuring only the monitoring interface. I have ping between them, both interfaces are up and I removed the command "management-only" from management. Both have the same license, model, version but always have the same error:

Failover LAN Interface: controlasa Management0/0 (Failed - No Switchover)

Attach the output from the next commands from both ASA:

- show run failover

- show failover

- show version

- show run management 0/0

Hope someone sees what happen...

Many thanks,

Francisco

Labels:
Preview file
5 KB
Preview file
5 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
srue
Level 7
Level 7
In response to francisco del cura ferreira

‎08-03-2009 06:56 AM

what do you mean both interfaces? you have 4 regular interfaces defined (inside,outside, 2xdmz). Check the vlan configuration on those switch ports.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
srue
Level 7
Level 7

‎08-03-2009 06:40 AM

it looks like neither asa can see the other fully. check your switchport assignments as far as the vlans go.

make sure you interfaces are not shutdown on either one.

0 Helpful

Go to solution
francisco del cura ferreira
Level 1
Level 1
In response to srue

‎08-03-2009 06:51 AM

Right now two ASA are connected directly, both interfaces are up/up (there is connectivity between them throug ping)

0 Helpful

Go to solution
srue
Level 7
Level 7
In response to francisco del cura ferreira

‎08-03-2009 06:56 AM

what do you mean both interfaces? you have 4 regular interfaces defined (inside,outside, 2xdmz). Check the vlan configuration on those switch ports.

0 Helpful

Go to solution
francisco del cura ferreira
Level 1
Level 1
In response to srue

‎08-03-2009 07:04 AM

With both interfaces I mean the management interfaces in the appliances.

Yes, they have 4 interfaces, the primary has all of them connected and up and it's providing connectivity to the customer. The secondary only has connected and up the interface management (connected to the another ASA). I didn't connect the regular interfaces because the failover is not working and I would have duplicity IP's issues

0 Helpful

Go to solution
srue
Level 7
Level 7
In response to francisco del cura ferreira

‎08-03-2009 07:14 AM

failover's not working because you haven't connected all interfaces on the secondary.

on the secondary there should be NO configuration other than your failover commands and bringing each interface out of the shutdown state.

reset the config on the secondary (wr er) and then copy/paste in the failover config AFTER you've plugged in ALL interfaces.

Go to solution
francisco del cura ferreira
Level 1
Level 1
In response to srue

‎08-03-2009 07:29 AM

Ok, many thanks for your help

0 Helpful

Go to solution
francisco del cura ferreira
Level 1
Level 1
In response to srue

‎08-06-2009 11:27 AM

As you said, the problem was it. The failover is ok now.

Many many thanks!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card