Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA Failover Polling

I would like to better understand failover polling with the ASA.

failover polltime unit 1 holdtime 15

failover polltime interface 5 holdtime 25

Unit

What is being polled? An IP address? Which?

How is the unit being monitored? ICMP?

Interface

How are the interfaces polled? The standby (inside) interface polls the active (inside) interface?

How are the interfaces monitored? ICMP?

In config mode, as you question mark (?) through the above commands, the description says the holdtime should be 3 times the poll. Yet the default is either 5 or 15 times? Any ideas why?

I am asking because I recently did some convergence testing. One of my tests was 17 seconds. I quickly discover why (15s holdtime). I lowered my settings to 500ms/2s. The firewalls have failed over several times since the change. I have restored the default times in an effort to stop the failures. The fail message says “other firewall failed”.

Everyone's tags (2)
116
Views
0
Helpful
0
Replies
CreatePlease login to create content