Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Firewall Failover


I have 2 PIX firewall in failover mode.

When I issue Show failover command ,I getting the following message,

ROKO# sh failover

Failover On

Cable status: Other side powered off

Reconnect timeout 0:00:00

Poll frequency 15 seconds

Last Failover at: 16:43:57 IST Sat May 12 2007

This host: Primary - Active

Active time: 155925 (sec)

Interface outside ( Link Down (Waiting)

Interface inside ( Normal (Waiting)

Interface dmz ( Normal (Waiting)

Interface intf3 ( Link Down (Shutdown)

Other host: Secondary - Standby

Active time: 0 (sec)

Interface outside ( Unknown (Waiting)

Interface inside ( Unknown (Waiting)

Interface dmz ( Unknown (Waiting)

Interface intf3 ( Unknown (Shutdown)

Stateful Failover Logical Update Statistics

Link : Unconfigured.

In the above what is the meaning of

Cable status: Other side powered off

Secondly when one firewall is in Active mode and other is in Passive,(failover mode)If I connect the console to the secondary firewall which is in passive mode,Can I able to access the secondary firewall.

Please help me.

Thanks and Regards,


Hall of Fame Super Blue

Re: Firewall Failover


This message indicates that the standby unit is actually powered down. Have you checked the status of the standby unit ?. Also if this is not the issue check the failover cable and if possible replace.

If you connect the console to the secondary firewall yes you should be able to access the firewall. Be sure not to configure anything on this secondary firewall though. Config should always be done on the active.



Community Member

Re: Firewall Failover

Issue this command to sync the PIXes.

"write failover"



Community Member

Re: Firewall Failover

Hi Brandon,

I have checked the follwoing:

1. Secondary PIX is powered ON

2. Fail over cable is checked it is O.k,When we remove the fail over cable,Show failover gives " not connected,when we attach the fail over cable ,then the cable status is " Powered Off" Is there any chance for the secondary PIX hardware issue?

3. Can I attach the Console to the passive (Secondary ) PIX and get the access to teh PI?(I will not change the configuration in the passiv)

4. Then the "write stand" is for writing the configuration changes of active PIX into the Passive PIX.

Please clarify.

Thankls and Regards,


Community Member

Re: Firewall Failover


That was.

"write standby" to synch the configs.

CreatePlease to create content