Getting a notice by snmp trap after failover?

cco1 · ‎12-07-2008

Hi,

we're running two FWSMs in two seperate 6500s. When a failover test occurs (triggered by "failover active" on the cli on the primary FWSM), the 6500s don't notice that circumstance, although all snmp traps are activated there. This seems to be as "works as designed".

So the solution seems to be to enable snmp traps on the FWSM. But there are just a few snmp traps and none of them belong to the category "failover". So it seems, that the FWSM cannot send a snmp trap, when a failover occurs.

So my question: Is there any way to monitor a failover between two FWSMs with snmp traps?

Thanks!

wong34539 · ‎12-12-2008

The FWSM determines the health of the other unit by monitoring the failover link. When a unit does not receive hello messages on the failover link, then the unit sends an ARP request on all interfaces, including the failover interface. The FWSM retries a user-configurable number of times. The action the FWSM takes depends on the response from the other unit. See the following possible actions:

â€¢If the FWSM receives a response on any interface, then it does not fail over.

â€¢If the FWSM does not receive a response on any interface, then the standby unit switches to active mode and classifies the other unit as failed.

â€¢If the FWSM does not receive a response on the failover link only, then the unit does not failover. The failover link is marked as failed. You should restore the failover link as soon as possible because the unit cannot fail over to the standby while the failover link is down.

For more information about the monitroing process refer the below URL:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/failover.html#wp1109055

To receive SNMP syslog traps for failover, see the below URLfor more information:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/monitor.html#wpxref22797