I have 2 5520's in active standby mode which I upgraded the OS's on from 7.0 >7.2. I upgraded the failover unit first and when it came back it told me it couldn't talk to peer. Which I assumed was normal until I upgraded the other 1. After upgrading the 2nd I was still getting these messages and I am not in failover mode amnymore. Is there any way to force synchronization or at the least see what is out of synch so I can do it manually?
There are 3 SNMP-server commands on the "active" machine that aren't in the "Standby" Other than that the "cryptochecksum" at the end of the config is different on each, I assume that's normal. The config on the Normally active FW shows that in "Failover lan unit PRIMARY" and the other says "SECONDARY".
Now it may be important to ad that in order to do the upgrade on the Secondary FW I added incorrectly the "config-register 0x2" command and the "boot system flash:filename" command. The config-reg command caused me to boot to rommon as it was an incorrect command and I manually told it to boot to the image. Subsequent reloads then went correctly. On the Primary machine I just added the bootsystem command. The config-reg command is not part of the config any longer on the secondary.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...