Cisco Support Community
Community Member

PIX 515e Failover / Failback

I have a pair of PIX 515e's in a failover configuration using the failover cable. I have simulated a power failure on the primary device and the secondary device kicks in straight away - exactly as it is supposed to!

My question is, if the primary device fails big then time the seconday device will kick in and the users will continue to work. If the primary device needs to be replaced with another unit, how do you re-introduce a new 'primary' unit back into a failover pair? Do you need to reverse the failover cable so that the primary device is the original seconday and copy the config from the secondary back to the primary? Is there a command to enter on the seconday to copy the config back to the new primary?

Any advice gratefully received.



Re: PIX 515e Failover / Failback

Replication occurs from the active to the stanby. Since the secondary is active introducing a new pix should cause the config to transfer. If it does not use the write standby on the active which manually writes the config to the standby.

If that doesn't work you can always save the config from the active pix and upload that to the new pix

then re-attach.



Community Member

Re: PIX 515e Failover / Failback


To introduce the new primary.

Switch the new firewall off.

Connect the cables to the new pix.

Connect the failover cable.

The switch it one.

The presnt (secondary firewall that is active, with write the config back to the primary).

Note: the secondary will still be active except you feel like failing the firewall back.

To do that .

Log on the the firewall ,

do a write mem . This will sychronise both firewall config if they are not in sych .

Then execute

no failover active ( on the Secondary which is the active one).

Finally the new primary will become active .

Confirm by show failover


CreatePlease to create content