PIX Failover

sdarwin · ‎04-03-2003

We are adding a second PIX 515 with a FO license as a failover device.

I am concerned about what will happen in the event of a failover. Specifically, the documentation says to not use a FO device as a standalone because it will automatically reboot once every 24 hours. What will happen if I am out of town for 1 week, and the power supply of the primary device dies. Will the secondary device be rebooting every 24 hours because it thinks it is now being used as a stand-alone device? The primary device is "gone" now, after all. Or, will the FO device run for an indefinite period of time without rebooting?

gfullage · ‎04-03-2003

As long as the failover cable stays connected, the FO unit detects this and knows that there is still a primary unit, even if it is powered down (the cable has a short in it somehow that detects that it's connected to a unit even if that unit has no power). In this situation, it won't reboot every 24 hours and you'll be fine.

The theory is that you get a replacement for the failed primary, but leave it cabled up while you're doing this so that the secondary knows there's still a PIX there. Then you can replace the failed unit at your leisure.

You can read all about failover here: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#1067379

karl.jones · ‎04-04-2003

What about if you use an ethernet connection (crossover cable) for failover instead of the failover cable. Is this still the case?