i have installed and configured 2 ASA5510 in failover (Active/Standby) and everything work fine, when the primary unit(active) fails, the secondary unit(Standby) assumes the role of active, however, when the primary unit (standby) returns to its normal state, the secondary unit (active) remains "active".
I want that my primary unit is active when returns to its normal state and my secondary unit remains standby.
how can i do this in the configuration of ASA5510?
Cesar, I don't have a second 5510 I could test this with but there is preempt command failover group feature which seems to make this transition automatic for the prefered unit you want to keep in active state when comes back from failure, take a look into and try.
You can also manually force the roles.
See Restoring a Failed Unit or Failover Group section
Cesar, for your case Active/Standby you have to make the switch by manual command, that is , if your primary failed and came backup it will state in the " show faiover " output This host: Primary - Standby ready if you want to have this Standby be the Primary active again you have to issue on the standby unit asa#failover active
once this command is issued on the Primary- Standby it will reclaim the role of Primary active state, and you can confirm this by looking the output of show failover.. always look and take notes at the serial number of each unit to not get you confused with these names of Primary - active , Primary Standby - Secondary active - Secondary standby etc...sometimes it gets confusing.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :