Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

FWSM Failover

Folks,

I have a question regarding FWSM failover. I was reading the documentation and it said that hellos are sent out over the failover link as well as all the interfaces. If any of the interfaces goes down the firewall is declaired down???

what is the concept of monitor-interface then? I am confussed please help.

2 REPLIES
Cisco Employee

Re: FWSM Failover

You can read about monitor-interface command here:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/m.html#wp1701962

What you read is correct. Hello messages are sent over the failover link as well as other interfaces.

Both units keep a check on the other. If at any time one unit ends up less healthy (less interfaces up or other hardware failure) then, the healthier of the two will take over as the active unit.

New Member

Re: FWSM Failover

if that is the case ( firewalls monitoring each other to see who is healthy based on interface status then why do we need monitor-interface command?

192
Views
0
Helpful
2
Replies