We were told when the primary pix failed over to the failover pix. The failover pix would run a set number hours and then reboot and this would occur every set number of hours until the primary is replaced. Is this true? and if so what are the set number of hours and can that time be changed??
The secondary PIX will reboot every 24 hours or so if it cannot see the primary.
First : check the licensing of the pix pair. Easy done with a show version command on both PIX.
Primary PIX need's to have a unrestricted (UR) license.
Secondary PIX has a failover (FO) license only.
Second : (If you use a failover cable, 6 feet long max.)
Check the failover cable. Since the pine-out are not the same on both cable end, the cable ends are identified "PRIMARY" at one end, and "SECONDARY" at the other end. Ensure that both end are inserted in the right machine.
Third : Both devices (primary and secondary) must have an identicale hardware and software version.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...