Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
605
Views
0
Helpful
3
Replies

cannot telnet to standby asa

carl_townshend
Spotlight
Spotlight

‎04-26-2010 02:19 AM - edited ‎03-11-2019 10:37 AM

Hi all

Is there any reason why I wouldnt be able to telnet to my standby asa? I can ping it from the other ASA fine,via the lan interface, but I cannot ping it from other subnets, should I be able to get to both firewalls for management in the active/standby config ?

cheers

Carl

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-26-2010 04:25 AM

Yes, you should be able to telnet to the standby ASA.

What does "show failover" show? Where are you trying to telnet to the standby ASA from?

0 Helpful

carl_townshend
Spotlight
Spotlight
In response to Jennifer Halim

‎04-26-2010 05:05 AM

Hi There

it appearred to be a routing issue, the firewalls were using eigrp to the next hop, I install a static route on them and this fixed the issue.

Carl

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to carl_townshend

‎04-26-2010 10:39 AM

Hello Carl

You are right, and just to backup your answer, here is the information about stateful failover, it says that no routing table information will be passed to the secondary unit,

The information that is not passed to the standby unit when stateful       failover is enabled includes these:

  • The HTTP connection table (unless HTTP replication is           enabled)

  • The user authentication (uauth) table

  • The routing tables

  • State information for security service           modules


That would also cause extra delay when doing failover as the routing protocol would need to re-calculate the routes in order to populate the routing table

Here is the document in case you need it

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml#statef

Thanks and I am glad that you were able to solve it.

Cheers.

Mike

Mike
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card