Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Failover cable

Is possible to connect two pix in mode failover without failover cable

2 REPLIES
New Member

Re: Failover cable

NO, the failover cable is what makes failover possible. The cable is configured so that one end connects specifically to the failover PIX and one end connects to the Master PIX. When you plug in the secondary PIX it automatically downloads a copy of the config. You can add an aditional cable called a "stateful" failover cable. This allows failover without dropping connections. I once dialed up to an external ISP, made a VPN connection to our PIX, walked back to the wiring room and pulled the plug on the main PIX firewall. The VPN connection stayed up... didn't miss a beat. Now that is a nice feature!

New Member

Re: Failover cable

Most of your information is correct however Stateful failover does nor replicate any sa information and therefore VPN connections will not stay up.

If you know of some undocumented feature please let me know however I suspect you just reconnected with a pre-shared key.

430
Views
0
Helpful
2
Replies