The Standby ASA5520 started logging the following message sequence for each interface:
(1)%ASA-1-105005: (Primary) Lost Failover communications with mate on interface ________
(2)%ASA-1-105008: (Primary) Testing Interface ________
(3)%ASA-1-105009: (Primary) Testing on interface ________ Passed
This is repeated over and over.
The ASAs appear to be operating OK in spite of the messages.
. This message is displayed if this unit of the failover pair can no longer communicate with the other unit of the pair. (Primary) can also be listed as (Secondary) for the secondary unit.
Recommended Action Verify that the network connected to the specified interface is functioning correctly.
This message reports the result (either Passed or Failed) of a previous interface test. If the result is Failed, you should check the network cable connection to both failover units, that the network itself is functioning correctly, and verify the status of the standby unit.
Refer this link:
Pengke11, Thanks for replying.
(1)There is a direct connection between the Management0/0 Interfaces of the two ASA5520 units.
(2)This connection is used for both Failover and the Stateful Failover links.
(3)The cable does NOT appear to be a crossover cable.
(4)The Management0/0 interface is set to Full-duplex and 100 mbps. The other interfaces are Full Duplex and 1000 mbps.
(5)When the units are rebooted, the error goes away, but they eventually return.
(6) Except for the error messages that the standby unit is issuing, everything seems to be running OK.
Should the direct connection between the ASAs be using a crossover cable?
Yes the connections should be using a x-over. They are not auto midix so this will fail.
Interesting that your using the management interface as the failover link. In most cases we have used one of the gi interface. This may cause some trouble??
I replaced the cable with a x-over. Errors still occuring.
I guess the guy who set up the ASAs ran out of Gig interfaces, so he used the Mgt interface. What is it normally used for?
I may try to free up one of the Gig interfaces and use it for fail-over.
I am curious to know if this problem suddendly developed or has it been as such for a while.
From what I have read on ASA's and 7.x code I have not encounter any text indicating the management interface being bound to be only management. Well, there is a sea of information and I may be wrong . I would carefully review requirements/guidelines in failover implementations
and both ASA's failover configurations , look into avery possible angle , lisencing etc.., at least you have ruled out
Failover link, primary an secondary units configuration
Configuring LAN-Base Active/Standby Failover
Do you still have this issue? My ASA 5520 just started with these messages over the weekend and my cables seems to be ok. I'm on version 7.2.2, perhaps a bug?