Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX 515e with FO not working

Dear All,

I procured a used Firewall with 64 MB Ram and 16 MB Flash.

pixfirewall# show ver

Cisco PIX Firewall Version 6.3(5)

Compiled on Thu 04-Aug-05 21:40 by morlee

pixfirewall up 1 hour 23 mins

Hardware: PIX-515E, 64 MB RAM, CPU Pentium II 433 MHz

Flash E28F128J3 @ 0x300, 16MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC (IRE2141 with 2048KB, HW:1.0, CGXROM:1.9, FW:6.5)

0: ethernet0: address is 000d.bc0b.abe9, irq 10

1: ethernet1: address is 000d.bc0b.abea, irq 11

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Physical Interfaces: 6

Maximum Interfaces: 10

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has a Failover Only (FO) license.

Serial Number: 807352319 (0x301f37ff)

Running Activation Key: xxx

Configuration has not been modified since last system restart.

pixfirewall#

Now whenever I put config t command it's giving me error.

pixfirewall# config t

**** WARNING ***

Configuration Replication is NOT performed from Standby unit to Active unit.

Configurations are no longer synchronized.

pixfirewall(config)#

Please guide exactly what I will have to make this firewall functioning.

Thanks/Regards

Atul

  • Other Security Subjects
2 REPLIES
Cisco Employee

Re: PIX 515e with FO not working

Hello atul_dalvi,

Can you post "sh fail" output from this device. It looks like it is the standby Pix. Did you try doing this on the other Pix?

Hope that helps! If so, please rate.

Thanks

New Member

Re: PIX 515e with FO not working

Atul,

This unit is a licensed with fail over only.

You need to connect it to unrestricted device and then configure it form the primary node.

you can check which one is the primary by typing the folloing command: show failover

Or, in case you have Pix cluster bundle (FO + UR) properly connected, you can force switch between primary and failover nodes by typing the this command:

failover active

you also need to remember that when you change configuration and write it to the startup config, you need to replicate the configuration to the failover device too.

I hope it helped...

Shai P.

106
Views
0
Helpful
2
Replies