Issue with LAN Failover

Unanswered Question
Aug 30th, 2010
User Badges:

Does this output of the show failover seem correct?.. Why are there 0.0.0.0 address for the subinterfaces


this is the Active FW--we are running in multiple context...with all the "work" being done in this context



XFW/core# show failover
Failover On
Last Failover at: 11:49:03 UTC Apr 5 2009
        This context: Active
                Active time: 44258322 (sec)
                  Interface Core_Handoff (10.11.24.10): Normal (Waiting)
                  Interface DMZ_Handoff (10.11.20.11): Normal (Waiting)
                  Interface CutThruDMZ (172.20.213.10): Normal (Not-Monitored)
                  Interface VIPs (172.20.224.1): Link Down (Not-Monitored)
                  Interface Direct (172.20.250.1): Normal (Not-Monitored)
        Peer context: Standby Ready
                Active time: 0 (sec)
                  Interface Core_Handoff (0.0.0.0): Normal (Waiting)
                  Interface DMZ_Handoff (0.0.0.0): Normal (Waiting)
                  Interface CutThruDMZ (0.0.0.0): Normal (Not-Monitored)
                  Interface VIPs (0.0.0.0): Normal (Not-Monitored)
                  Interface Direct (0.0.0.0): Normal (Not-Monitored)



Secondary


XFW1/core# sh failover
Failover On
Last Failover at: 11:51:17 UTC Apr 5 200
        This context: Standby Ready


Last Failover at: 11:51:17 UTC Apr 5 2009
        This context: Standby Ready
                Active time: 0 (sec)
                  Interface Core_Handoff (0.0.0.0): Normal (Waiting)
                  Interface DMZ_Handoff (0.0.0.0): Normal (Waiting)
                  Interface CutThruDMZ (0.0.0.0): Normal (Not-Monitored)
                  Interface VIPs (0.0.0.0): Link Down (Not-Monitored)
                  Interface Direct (0.0.0.0): Normal (Not-Monitored)
        Peer context: Active
                Active time: 44258266 (sec)
                  Interface Core_Handoff (10.11.24.10): Normal (Waiting)
                  Interface DMZ_Handoff (10.11.20.11): Normal (Waiting)
                  Interface CutThruDMZ (172.20.213.10): Normal (Not-Monitored)
                  Interface VIPs (172.20.224.1): Normal (Not-Monitored)
                  Interface Direct (172.20.250.1): Normal (Not-Monitored)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edward Dutra Mon, 08/30/2010 - 16:12
User Badges:
  • Cisco Employee,

NT is correct.


Youre missing Standby IP addresses in firewall configuration. Once you configure a standby IP for each interface, the 0.0.0.0 will be configured with the configured standby IP address.

Actions

This Discussion