I have 2 sites that have the failover bundle running 6.3(5). I was not able to log into the first site tonight but was finally able to after I logged into a server on the inside and then ssh'd back to the secondary. I had to then switch the active to the secondary and then I was able to log into the primary, who still showed that it was the active firewall. The second site will become inactive after 2 or 3 days of not logging into it, and when it becomes inactive, it does not pass traffic. I originally thought it might be a connection or tcp timeout on the upstream interface, but we've changed it and symptom is still the same. ANyone else see something like this?
do you have stateful or normal failover configured ? Can you post the configs of your units, as well as the output of ´show failover´ ? How are both PIX units at each site connected (that is, through a switch, or is the failover cable directly connected without any intermediate device) ? And do you see anything in the log files ?
Lots of questions...but I guess your problem must have something to do with any of the above issues...:)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :