Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
2
Replies

How to reset a FWSM in Sync Config state

jdzhangma
Level 1
Level 1

‎11-14-2006 10:06 AM - edited ‎03-09-2019 04:52 PM

Hi!

I am new to this forum. I posted this information to LAN switch section. Here is my home now.

I have two 6506 switches. Each has a FWSM with ver 3.1. Two FWSMs have been configured in Active/Active failover mode. Both firewalls are in transparant mode and each firewall has three contexts.

Yesterday night I did a AAA configuration. But I was locked out by a mistake, configuring a aaa authorization with a problem. I did not reset the password. Instead I came to the primary unite, disabled the failover and removed the context which blocked me out. Then, I created same context and copied all old configuration.

However, after I removed the wrong aaa authorization command and enbling the failover, the secondary unit went to a Coma State: Sync Config.

I reboot two times of switches and the secondary firewall, but the coma state keeps same. Therefore, currently two firewalls are running on a single switch/FWSM.

My question is: how to reset this without reboot the primary FWSM?

Your suggestion, comment and help will be greatly appreciated.

John Zhang

M&A Technology

jdzhang@macomp.com

Labels:
0 Helpful
2 Replies 2

a.kiprawih
Level 7
Level 7

‎11-14-2006 07:59 PM

Can you share the config and failover status?

0 Helpful

jdzhangma
Level 1
Level 1
In response to a.kiprawih

‎11-15-2006 09:04 AM

Primary Unit# show failover

Failover On

Failover unit Primary

Config sync: active

Version: Ours 3.1(3), Mate 3.1(3)

This host: Primary

Group 1 State: Active

Group 2 State: Active

Other host: Secondary

Group 1 State: Not Detected

Group 2 State: Not Detected

Stateful Failover Logical Update Statistics

Link : statelink Vlan 11 (up)

Primary unit failover configuration:

failover

failover lan unit primary

failover lan interface LANlink Vlan10

failover polltime unit msec 500 holdtime 3

failover polltime interface 3

failover link statelink Vlan11

failover interface ip LANlink 10.10.16.10 255.255.255.0 standby 10.10.16.20

failover interface ip statelink 10.10.17.10 255.255.255.0 standby 10.10.17.20

failover group 1

preempt

replication http

polltime interface 3

failover group 2

secondary

preempt

replication http

polltime interface 3

Secondary Unit# show failover

Failover On

Failover unit Secondary

Failover LAN Interface: LANlink Vlan 10 (up)

Unit Poll frequency 500 milliseconds, holdtime 3 seconds

Interface Poll frequency 3 seconds

Interface Policy 50%

Monitored Interfaces 4 of 250 maximum

Config sync: active

Version: Ours 3.1(3), Mate 3.1(3)

Last Failover at: 02:58:12 CDT Nov 15 2006

This host: Secondary - Sync Config

Active time: 0 (sec)

Stateful Failover Logical Update Statistics

Link : statelink Vlan 11 (up)

Secondary unit configuration:

failover

failover lan unit secondary

failover lan interface LANlink Vlan10

failover polltime unit msec 500 holdtime 3

failover polltime interface 3

failover link statelink Vlan11

failover interface ip LANlink 10.10.16.10 255.255.255.0 standby 10.10.16.20

failover interface ip statelink 10.10.17.10 255.255.255.0 standby 10.10.17.20

failover group 1

preempt

replication http

polltime interface 3

failover group 2

secondary

preempt

replication http

polltime interface 3

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents