Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
255
Views
0
Helpful
2
Replies

monitor-interface configuration not replicated to secondary PIX

adrian.kelly
Level 1
Level 1

‎11-20-2005 09:10 PM - edited ‎02-21-2020 12:32 AM

I have a PIX 515 in Active\Passive failover on PIX 7.0(2). I have disabled monitoring of several interfaces with the "no monitor-interface" command as they are not in use. When checking failover on secondary firewall all interfaces are being monitored and the "no monitor-interface" configuration ahs not been replicated. Does anyone know if this is a bug or intentional?

0 Helpful
2 Replies 2

primero
Level 1
Level 1

‎11-21-2005 07:52 AM

Each command u give on the Active unit should be "executed" on the Standby unit too by the failover framework otherwise the failover function would not work in case of failure of the primary unit giving u a working device with a different configuration, this is real also for the no monitor-interface command.

What about if u do a "write standby" on the active unit?

Bye

Francesco

0 Helpful

adrian.kelly
Level 1
Level 1
In response to primero

‎11-21-2005 02:03 PM

I have done a write standby and this has not fixed the issue. I have even entered the configuration on the secondary PIX directly then done a write standby from the primary, this has overwriten configuration and the original issue reappears. The write standby does not seem to replicate the "no monitor-interface" commands.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card