Cisco Support Community

One of two FWSMs stays in coma state, Sync Config

I have two 6506 switches. Each has a FWSM with ver 3.1. The two FWSMs have been configured in Active/Active failover mode. Both firewalls are in transparent mode and each firewall has three contexts.

Yesterday night I did an AAA configuration. But I was locked out by a mistake, configuring an aaa authorization with a problem. I did not reset the password because I did not figure this out. Instead I went to the primary unit, disabled the failover and removed the context which blocked me out. Then I created the same context and copied all the old configuration.

However, after I removed the wrong aaa authorization command and enabled the failover, the secondary unit went to a Coma State: Sync Config.

I rebooted the switches and the secondary firewall two times, but the coma state stays the same. Therefore, currently two firewalls are running on a single switch/FWSM.

My question is: how can I reset this without rebooting the primary switch?

Your suggestion, comment and help will be greatly appreciated.

John Zhang

M&A Technology


Re: One of two FWSMs stays in coma state, Sync Config

This problem occurs when users share an Access Control List (ACL) with a Network Address Translation (NAT) policy. That is, the same ACL is used more than once in the Command Line Interface (CLI) NAT.

For example:

nat (inside) 1 access-list

nat (dmz) 1 access-list
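
An added example, not part of the reply above and not Cisco code: a small audit script that scans a saved context configuration for the condition the reply describes, one ACL referenced by more than one nat statement. The ACL names and the sample configuration are constructed for illustration, and the script assumes nat lines of the form shown in the reply with an ACL name at the end.

```python
import re
from collections import defaultdict

# Matches policy-NAT lines of the form: nat (<interface>) <id> access-list <acl-name>
NAT_ACL_RE = re.compile(
    r"^\s*nat\s+\((?P<ifc>[^)]+)\)\s+(?P<nat_id>\d+)\s+access-list\s+(?P<acl>\S+)",
    re.IGNORECASE,
)


def shared_nat_acls(config_text):
    """Return {acl_name: [(interface, nat_id, line_no), ...]} for every ACL
    that is referenced by more than one nat statement."""
    uses = defaultdict(list)
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        m = NAT_ACL_RE.match(line)
        if m:
            uses[m.group("acl")].append(
                (m.group("ifc"), int(m.group("nat_id")), line_no)
            )
    # Keep only ACLs that appear in two or more nat statements.
    return {acl: refs for acl, refs in uses.items() if len(refs) > 1}


# Constructed sample context configuration (ACL names are hypothetical).
SAMPLE_CONFIG = """\
access-list POLICY_A extended permit ip 10.1.1.0 255.255.255.0 any
access-list POLICY_B extended permit ip 10.2.2.0 255.255.255.0 any
nat (inside) 1 access-list POLICY_A
nat (dmz) 1 access-list POLICY_A
nat (inside) 2 access-list POLICY_B
nat (inside) 3 10.3.3.0 255.255.255.0
"""

if __name__ == "__main__":
    for acl, refs in shared_nat_acls(SAMPLE_CONFIG).items():
        print(f"ACL {acl} is shared by {len(refs)} nat statements:")
        for ifc, nat_id, line_no in refs:
            print(f"  line {line_no}: nat ({ifc}) {nat_id} access-list {acl}")
```

Running it against each context's saved configuration before re-enabling failover shows which nat statements would need their own ACL.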
