06-01-2006 03:33 AM - edited 02-21-2020 12:56 AM
I have a pair of PIX 515e's in a failover configuration using the failover cable. I have simulated a power failure on the primary device and the secondary device kicks in straight away - exactly as it is supposed to!
My question is, if the primary device fails big then time the seconday device will kick in and the users will continue to work. If the primary device needs to be replaced with another unit, how do you re-introduce a new 'primary' unit back into a failover pair? Do you need to reverse the failover cable so that the primary device is the original seconday and copy the config from the secondary back to the primary? Is there a command to enter on the seconday to copy the config back to the new primary?
Any advice gratefully received.
David.
06-01-2006 07:37 AM
Replication occurs from the active to the stanby. Since the secondary is active introducing a new pix should cause the config to transfer. If it does not use the write standby on the active which manually writes the config to the standby.
If that doesn't work you can always save the config from the active pix and upload that to the new pix
then re-attach.
6.X
7.0
06-01-2006 07:42 AM
Hi,
To introduce the new primary.
Switch the new firewall off.
Connect the cables to the new pix.
Connect the failover cable.
The switch it one.
The presnt (secondary firewall that is active, with write the config back to the primary).
Note: the secondary will still be active except you feel like failing the firewall back.
To do that .
Log on the the firewall ,
do a write mem . This will sychronise both firewall config if they are not in sych .
Then execute
no failover active ( on the Secondary which is the active one).
Finally the new primary will become active .
Confirm by show failover
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide