Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
284
Views
0
Helpful
1
Replies

ASA-X Monitor interface via Hello Packet ?

peter.ip.mobile
Level 1
Level 1

‎12-04-2014 12:25 AM - edited ‎03-11-2019 10:10 PM

Dear Cisco,

 

I add a command to monitor ASA5515-X Firewall Outside interface. I show the monitor interface and see the log that the Outside passed the tracking. Cisco configuration Guide says that Hello packet should be sent so as to track the interfaces.

My connection scenario is listed below.

 

1) A primary switch is connected to Primary ASA's outside interface GE0/0, the interface is up

2) A Backup switch is connected to Backup ASA's outside interface GE0/0, the interface is up

3) In the beginning, the two switch is connected.

4) After the 2x firewall syn, Disconnect the connection between primary and backup switch

5) Hello packet could not be delivered via the Outside Interface anymore.

6) When I "show Monitor-interface, the ASA shows that Outside interface is normal, and thus does not fail over. What goes wrong ?

 

As I am working for a SI, and my manager says raise Cisco TECH ticket as few as possible. I want to confirm if this is abnormal before I strongly request to open a TECH case.  

 

ASA5515X   Version 9.1(1) 

 

Thanks.

 

Peter

Labels:
0 Helpful
1 Reply 1

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎12-05-2014 07:01 AM

Hi,

So you mean to say that the Physical ports on both the ASA device i.e outside interface cannot communicate with each other but still they show NORMAL under the fail-over monitoring ?

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card