we are running two 5520 ASAs in Active-Standby-Failover and since we flashed the ASA to the newest
interim firmware release 8.2(2)17, we see the following entry:
%ASA-5-720012: (VPN-Secondary) Failed to update IPSec failover runtime data on the standby unit.
This happens every few seconds and about 20 times per second. The documentation just says:
Error Message %ASA-6-720012: (VPN-unit) Failed to update IPSec failover runtime data
on the standby unit.
Explanation This message appears when the VPN failover subsystem cannot update IPSec-related runtime data because the corresponding IPSec tunnel has been deleted on the standby unit.
•unit—Either Primary or Secondary
Recommended Action None required.
Although the error message just is a level-5 message, it's a bit worrying, because it shows that the
secondary ASA out of sync concerning IPsec failover data.
Does anyone has any ideas what to do?
Is it just due to the new firmware, that makes the ASA more chatty or is it maybe a more severe problem?