I would like some clarification surrounding ASA active/standby failover with OSPF:
I am running OSPF on an active/standby pair, all seems to be working well. The appropriate OSPF neighbor relationship is formed with the active/standby ASA depending on which is active.
If the outside interface goes down, the active unit fails over as expected, however I am unable to failback from the secondary to the primary by issuing the
failover active command on the primary unit.
If a interface on the primary goes down then it fails over to the secondary. Likewise if there is a interface failover on the secondary it fails over to the primary.
the issue seems to be with me manually failover when all the interfaces are up.
When I type the command on the primary unit( now operating as standby) the failover is initiated to the primary unit. You can see the switch over happening and the necessary OPSF neighbor relationship is formed on the primary unit. After about a minute or so the primary unit initiates a failover back to the secondary unit.
Has anyone experienced this type of behaviour in this type of scenario before ?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...