Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 5520 OSPF Failover issue


I would like some clarification surrounding ASA active/standby failover with OSPF:

I am running OSPF on an active/standby pair, all seems to be working well. The appropriate OSPF neighbor relationship is formed with the active/standby ASA depending on which is active.

If the outside interface goes down, the active unit fails over as expected, however I am unable to failback from the secondary to the primary by issuing the

failover active command on the primary unit. 

If a interface on the primary goes down then it fails over to the secondary. Likewise if there is a interface failover on the secondary it fails over to the primary.

the issue seems to be with me manually failover when all the interfaces are up.

When I type the command on the primary unit( now operating as standby) the failover is initiated to the primary unit. You can see the switch over happening and the necessary OPSF neighbor relationship is formed on the primary unit. After about a minute or so the primary unit initiates a failover back to the secondary unit.

Has anyone experienced this type of behaviour in this type of scenario before ?

Thanks in advance.

Kind Regards

Everyone's tags (5)
Cisco Employee

ASA 5520 OSPF Failover issue


This is not expected behavior.  We need to figure out when it keeps flipping back to the secondary unit and not stay active ont he primary unit.

Sh fail history

may give you some clues in additon to failover syslog messages which are logged in level 1 "ASA-1"  messages.