One of two FWSMs stays in coma state, Sync Config

Unanswered Question
Nov 14th, 2006

I have two 6506 switches. Each has a FWSM with ver 3.1. The two FWSMs have been configured in Active/Active failover mode. Both firewalls are in transparent mode and each firewall has three contexts.


Last night I did an AAA configuration, but I was locked out by a mistake: configuring an aaa authorization with a problem. I did not reset the password because I did not figure this out. Instead I went to the primary unit, disabled the failover and removed the context which locked me out. Then I created the same context and copied all the old configuration.


However, after I removed the wrong aaa authorization command and enabled the failover, the secondary unit went to a Coma State: Sync Config.


I rebooted the switches and the secondary firewall two times, but the coma state stays the same. Therefore, currently the two firewalls are running on a single switch/FWSM.


My question is: how can I reset this without rebooting the primary switch?


Your suggestion, comment and help will be greatly appreciated.


John Zhang

M&A Technology

sbilgi Mon, 11/20/2006 - 11:47

This problem occurs when users share an Access Control List (ACL) with a Network Address Translation (NAT) policy. That is, the same ACL is used more than once in the Command Line Interface (CLI) NAT.

For example:

nat (inside) 1 access-list

nat (dmz) 1 access-list
