PIX - Sync status continuously displayed

Unanswered Question
Sep 24th, 2009

Hello,

One of our PIX firewalled recently failed over. Since it happened, it constantly dipslays the sync status message:

.............................................

Sync Completed

Sync Started

.............................................

Sync Completed

Sync Started

.............................................

Sync Completed

Sync Started

.............................................

Sync Completed

Sync Started

.............................................

I tried terminal no monitor but it has no effect.

Does anybody know how to get rid of this?

Regards,

Thibault.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
tprendergast Thu, 09/24/2009 - 10:03

It sounds like you may have some incomplete syncing happening.

You should identify the primary ('sh fail') and verify that the two nodes have good failover connectivity. They could be flapping back and forth, causing this sync loop.

If that checks out ok, then you should verify the configuration on the current primary unit is the most up to date and do a 'wr mem' to save this config to flash, and then do a 'wr standby' to copy the running config to the standby unit's flash. See if that clears up whatever confusion may be causing the replication loop.

If that doesn't work, consider failing back to the other node as something is disagreeing on configurations and causing this constant sync. The only other possibility is that someone or something (script?) is doing a lot of "wr mem" actions. Are you automatically deploying shuns or something like that through a script or manamement utility?

Cheers,

Tim

deephazz02 Mon, 09/28/2009 - 06:34

Hi Tim,

Thanks for you answer.

After investigating this a bit more in depth with Cisco TAC it turned out to be 2 bugs: CSCec73787 and another one which it seems has not been published.

Regards,

Thibault.

Actions

This Discussion