ASA5520 OS upgrade problem

chrish · ‎08-31-2006

I have 2 5520's in active standby mode which I upgraded the OS's on from 7.0 >7.2. I upgraded the failover unit first and when it came back it told me it couldn't talk to peer. Which I assumed was normal until I upgraded the other 1. After upgrading the 2nd I was still getting these messages and I am not in failover mode amnymore. Is there any way to force synchronization or at the least see what is out of synch so I can do it manually?

Thanks

a.kiprawih · ‎08-31-2006

What's the current config of both ASA looks like?

chrish · ‎09-01-2006

I compared the 2 configs pretty cloesly.

There are 3 SNMP-server commands on the "active" machine that aren't in the "Standby" Other than that the "cryptochecksum" at the end of the config is different on each, I assume that's normal. The config on the Normally active FW shows that in "Failover lan unit PRIMARY" and the other says "SECONDARY".

Now it may be important to ad that in order to do the upgrade on the Secondary FW I added incorrectly the "config-register 0x2" command and the "boot system flash:filename" command. The config-reg command caused me to boot to rommon as it was an incorrect command and I manually told it to boot to the image. Subsequent reloads then went correctly. On the Primary machine I just added the bootsystem command. The config-reg command is not part of the config any longer on the secondary.

sean · ‎09-01-2006

Disconnect your failover and re-apply the failover config portion to each respective unit. Afterwards, power off your standby, plug everything back in, then power it back on.

Hope this helps.