Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

not monitored interface on firewall

output to view failover status gives "not monitored" states on the available interface although all of the interfaces are up & passing traffic. same is the case with other unit.

Please advise how to deal with this.

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions

Re: not monitored interface on firewall

Sunny,

in your primary asa issue:

monitor-interface Zone1

monitor-interface Zone2

- wait few seconds , then issue "show failover" monitor status on the interfaces should be normal

Regards

4 REPLIES

Re: not monitored interface on firewall

Can you post the actual output of show failover from primary-active fw.

if your firewall logical interfaces have the (no monitored) output by defaul logical interfaces are not monitored thus you will need to issue from the active firewall monitor-interface nameif .

asa(config)#monitor-interface

Regards

New Member

Re: not monitored interface on firewall

Sh failov with values changed:

Interface Zone1 (10.11.2.3): Normal (Not-Monitored)

Zone2 (10.12.3.4): Normal (Not-Monitored)

There is no problem in passing traffic across these firewalls.

failover

failover lan unit primary

failover preempt 120

failover lan interface Failover Vlan155

failover link Stateful_Link Vlan154

failover interface ip Failover 10.2.155.251 255.255.255.252 standby 10.2.155.250

failover interface ip Stateful_Link 10.2.155.249 255.255.255.252 standby 10.2.155.248

Re: not monitored interface on firewall

In order to enable health monitoring on a specific interface, use the monitor-interface command in global configuration mode: monitor-interface

Even if you are not monitoring an interface, the interface will still pass data traffic!

Re: not monitored interface on firewall

Sunny,

in your primary asa issue:

monitor-interface Zone1

monitor-interface Zone2

- wait few seconds , then issue "show failover" monitor status on the interfaces should be normal

Regards

660
Views
4
Helpful
4
Replies
CreatePlease to create content