06-12-2012 04:03 PM - edited 03-11-2019 04:18 PM
Hello,
I disabled failover by issuing the following command:
hostname(config)#no failover
if I type the command "sho fail" I get the following:
fw1# sho fail
Failover Off
Failover unit Primary
Failover LAN Interface: cv_fw_failover Ethernet0/3 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 110 maximum
fw1# sho fail
Failover Off (pseudo-Standby)
Failover unit Secondary
Failover LAN Interface: cv_fw_failover Ethernet0/3 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 110 maximum fw1# sho fail
Failover Off (pseudo-Standby)
Failover unit Secondary
Failover LAN Interface: cv_fw_failover Ethernet0/3 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 110 maximum
However, now I can't seem to get the units in active/standby failover mode. Do I need to reload in order to force it into active/standby?
I really need to get this resolved ASAP. Any help would be greatly appreciated.
Thanks,
Michael
Solved! Go to Solution.
06-13-2012 06:33 PM
Great to hear all is working good now. Thanks for your update.
Please kindly mark the post answered so others can learn from your post. Thank you.
06-12-2012 08:01 PM
Just re-enable "failover" on both primary and secondary unit. That should bring the failover back up and they should go in Active/Standby mode.
Have you enabled the failover again on both units?
06-12-2012 08:12 PM
Hello Jennifer,
I had to leave for the evening. I'll try that first thing when I get into the office tomorrow morning. Just so that I'm clear;
config t
failover
exit
Those commands on both units will put it back into Active/Standby mode. Documentation was showing "failover active", but that didn't work either. I did not enter that on both units, so I'm not sure if that command would have corrected the issue had I done so to both.
I'll let you know how it went tomorrow. Thank you for your reply.
Michael
06-12-2012 08:15 PM
Yes, you are right:
config t
failover
exit
on both units, that would enable the failover feature on both units, and it will detect who is the Active and Standby and once detected will put the pair in Active/Standby mode.
The command: failover active, is used when you want to force the standby unit to become the active unit.
However since you turned off failover, the command is irrelevant.
Let us know how it goes tomorrow.
06-13-2012 06:53 AM
One quick question before proceeding: will the firewall or experience any momentary loss of connection when enabling failover? Right now, we are in production hours and I can't have any interruptions in service.
Thanks,
Michael
06-13-2012 06:57 AM
It might, i would suggest that you enable it during non peak hours.
06-13-2012 07:08 AM
Thanks for the clarification Jenifer. I'll make changes later and update you how it went.
Michael
06-13-2012 03:48 PM
Hello Jennifer,
Enabled failover on primary unit after production hours.
fw1(config)# failover
fw1(config)# exit
No Response from Mate
fw1# Beginning configuration replication: Sending to mate.
End Configuration Replication to mate
A sho fail on the primary unit confirmed Primary - Active state.
I lost my SSH session to the standby unit. No traffice interruption on primary firewall. When FW2 was accessible, it was in Standby - Ready state.
All systems are up and functional. So when failover is enabled on the primary firewall, it sends the configuration automatically to the standby unit without having to manually enable failover.
Take away's:
Thank you so much for your assistance.
Michael
06-13-2012 06:33 PM
Great to hear all is working good now. Thanks for your update.
Please kindly mark the post answered so others can learn from your post. Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide