but it doesn't seem to have gone exactly to plan. The first 2 points state the following:
Upgrade the license in primary and do a write mem to save the configuration.
Now shut down the primary (do not reboot). This will make secondary active. Do not remove any of the cables throughout the upgradation process.
The problem I have is that when applying the license upgrade to the primary, the failover pair was broken do to a difference in, well.. licenses. This means the secondary wont go active if i shutdown the primary.
I'd like to know whether it is safe for me to simply apply the identical license to the secondary device and reactivate failover remotely. The primary currently has around 30 L2L VPNs terminating on it so I can't risk it crashing/hanging or generally incurring any downtime when I reactivate failover.
If anyone has any insight it would be much appreciated.
On a similar point, I activated failover remotely on another pair a few weeks back and they both crashed before config was replicated. Admittedly this was using the management interface for failover, but all config had been cleared so it has left me a little hesitant.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...