Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Failover Firewall

I have face problem regarding failover with two cisco 5510 ASA

the problem is that other host is FAILEAD.

Why this is failed, is it correct configuration of failover or not?       

ACTIVE# sh failover

Failover On

Failover unit Primary

Failover LAN Interface: FAILOVER Management0/0 (up)

Unit Poll frequency 1 seconds, holdtime 3 seconds

Interface Poll frequency 3 seconds, holdtime 15 seconds

Interface Policy 1

Monitored Interfaces 3 of 110 maximum

Version: Ours 8.2(5), Mate 8.2(5)

Last Failover at: 09:43:30 PKT Aug 11 2013

        This host: Primary - Active

                Active time: 2562199 (sec)

                slot 0: ASA5510 hw/sw rev (2.0/8.2(5)) status (Up Sys)

                  Interface DMZ (10.1.1.1): Normal (Waiting)

                  Interface Outside (125.209.70.90): Normal

                  Interface inside (192.168.11.249): Normal

                slot 1: ASA-SSM-20 hw/sw rev (1.0/6.0(6)E4) status (Up/Up)

                  IPS, 6.0(6)E4, Up

        Other host: Secondary - Failed

                Active time: 0 (sec)

                slot 0: ASA5510 hw/sw rev (2.0/8.2(5)) status (Up Sys)

                  Interface DMZ (10.1.1.2): Failed (Waiting)

                  Interface Outside (125.209.70.91): Normal

                  Interface inside (192.168.11.250): Normal

                slot 1: ASA-SSM-20 hw/sw rev (1.0/6.0(6)E4) status (Up/Up)

                  IPS, 6.0(6)E4, Up

Stateful Failover Logical Update Statistics

        Link : FAILOVER Management0/0 (up)

        Stateful Obj    xmit       xerr       rcv        rerr

        General         354676     0          328888     0

        sys cmd         328961     0          328960     0

        up time         0          0          0          0

        RPC services    0          0          0          0

        TCP conn        1768       0          0          0

        UDP conn        609        0          0          0

        ARP tbl         23394      0          0          0

        Xlate_Timeout   0          0          0          0

        IPv6 ND tbl     0          0          0          0

        VPN IKE upd     8          0          0          0

        VPN IPSEC upd   8          0          0          0

        VPN CTCP upd    0          0          0          0

        VPN SDI upd     0          0          0          0

        VPN DHCP upd    0          0          0          0

        SIP Session     0          0          0          0

        Logical Update Queue Information

                        Cur     Max     Total

        Recv Q:         0       17      328961

        Xmit Q:         0       1487    2835111

ACTIVE#

Navaz       

Navaz
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Failover Firewall

The DMZ interface is down on the secondary unit. That causes the primary (active) unit to mark the peer as failed.

If you address that problem, the secondary unit should return to standby status.

3 REPLIES
Hall of Fame Super Silver

Failover Firewall

The DMZ interface is down on the secondary unit. That causes the primary (active) unit to mark the peer as failed.

If you address that problem, the secondary unit should return to standby status.

New Member

Failover Firewall

a single machine with two LAN cards having ip address of one LAN card is 10.1.1.254/24 and other secondry IP address of 10.1.1.253.

will is working?

Navaz

Navaz
New Member

Failover Firewall

Thanks a lot i got ii

Navaz

Navaz
129
Views
0
Helpful
3
Replies
CreatePlease to create content