Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX-515 failover functionality

Hello gentlemen,

I have 2 pix-firewall 515-E installed in a unacessible room (for now!!!) that forward all traffic (via internet and intranet).

The primary pix is power-off (probably the cause of break-out has damaged it) and network traffic is forwarding using the failover pix.

I would to know: if the failover pix also go down and then up for electrical problem, is the failover pix able to return on itself (without primary pix) for traffic forwarding functionality ?

Many Thanks in advance,

Luca

4 REPLIES

Re: PIX-515 failover functionality

Hi,

Yes. No doubts in that.

In the current scenario, if the current functioning pix( failover) goes down, and comes up, it will still be able to run fine.

There wont be any issues.

Hope this helps. Rate the post if it was helpful.

-VJ

New Member

Re: PIX-515 failover functionality

Hello avvenk,

FYI

The FO and FO_AA licenses are intended to be used solely for units in a failover configuration and not for units in standalone mode. If a failover unit with one of these licenses is used in standalone mode, the unit will reboot at least once every 24 hours until the unit is returned to failover duty. A unit with an FO or FO_AA license operates in standalone mode if it is booted without being connected to a failover peer with a UR license. If the unit with a UR license in a failover pair fails and is removed from the configuration, the unit with the FO or FO_AA license will not automatically reboot every 24 hours; it will operate uninterrupted unless the it is manually rebooted.

When the unit automatically reboots, the following message displays on the console:

=========================NOTICE=========================

This machine is running in secondary mode without

a connection to an active primary PIX. Please

check your connection to the primary system.

REBOOTING....

========================================================

New Member

Re: PIX-515 failover functionality

Hi lolavo,

I know the failover requirements, but in this case the primary pix is broken (and connected with failover cable to the backup pix).

And it seems not reboot every 24 hours (maybe because is phisically connected yet ?).

The problem is that the room must be electrically isolated for 5 minutes and we would know if the failover pix (restarting) go up again or if it's not able to return operative.

Many Thanks in advance,

Luca

Re: PIX-515 failover functionality

Hi,

The failover unit will not be affected by the 24-hours reboot (happens only if you try to use it as standalone pix without the rpesense of primary pix) because the failover cable is still attached to the failover serial port (failover cable mark as secondary).

Whenever the failover unit is down (no pwer supply, etc), then power up again, it will detect the presense of the serial failover cable (plus detecting failover configuration), thus preventing the once-in-every 24-hour automatic reboot behavior.

Rgds,

AK

370
Views
3
Helpful
4
Replies