Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5510 failover failure


I have experiensed failover failure on the new instalation of pair of ASA 5510 7.2(2). I use multi context mode but actualy in Active/Standby mode. Only the reason fro multi context is the preemtion option only supported in multiple mode.

The problem is that after restart of the primary/activ box it fall in to state "failover off" or "could standby".

Only recovery procedure to get the failover up and running is switch off the secondary box, restart the primary and finaly switch on the secondary again.

This behavior was seen only when restarting the active. If I simulate other failure e.g. interface disconnect it works fine.

Can someone advise if:

1. Configuration with single failover group is valid ?

2. If someone experienced similar behavior. Or have any idea.

See the failover configuration:


failover lan unit primary

failover lan interface failover Ethernet0/3

failover polltime unit 2 holdtime 10

failover key *****

failover link failover Ethernet0/3

failover interface ip failover standby

failover group 1


polltime interface 2 holdtime 10

Thanks for any ideas.



Community Member

Re: ASA 5510 failover failure

Hi, Roman;

Roman, I don't have an immediate answer, but, as I looked at your "Show Fail" response, it prompts the question:

Are you showing the 'fail' commands for the Active (unrestricted license) box, or are you showing the 'fail' command for the standby (FO license) box? It appears to me that you are showing the 'fail' commands response from the Active (unrestricted license) box.

Good luck with figuring it out.


Community Member

Re: ASA 5510 failover failure


the boxes are ASA which does not dostinguish UR or FO licneses. This platform has an ASA 5510 Security Plus license which is FO capable.

The "show run failover" is of course from the primary box. The secondary has the same config with only exeption "failover unit secondary" command.

Thatnx for your reply.



Community Member

Re: ASA 5510 failover failure

Hi, Roman;

Thank you for your clarification. I have - with yours and others such communications - piecemealed that together (now figured that out, or learned that.)

I did observe, however, that the config that was originally posted did say, "failover unit primary". You had reported that your efforts were with the failover unit. Since the config said, "failover unit primary", I am guessing that now our further clarification is that you WERE working with the Primary unit that had now fallen into a "standby" mode (or function/capacity).

My experience(s) have/had only dealt with the issue, or matter of the FO-licensed unit (and now I see/understand that it is/may not be applicable in the context of ASA's) being hard-coded to reboot every 24th hour.

Well, I'll be interested in learning how this ultimately is resolved.

Good luck, in the meanwhile.



CreatePlease to create content