Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
297
Views
0
Helpful
2
Replies

PIX Failover time

thethmon
Level 1
Level 1

‎11-03-2003 06:55 AM - edited ‎02-20-2020 11:04 PM

I'm hoping someone out there can definitively answer a question concerning failover time because I find conflicting information in the Cisco docs. We are debating turning on stateful failover for a new set of PIXes protecting a DMZ area - 525's w/ 6.3 code. If we do this and the primary PIX fails, how long does it take for the secondary to take over? Currently our production PIXes do LAN failover so fast we don't notice, but we've never done stateful failover. My concern is that the docs I find state it takes 30 seconds to failover. If I have a customer on my website and it fails, will they wait 30 seconds for a response or will I lose the business?

0 Helpful
2 Replies 2

wsitu
Level 1
Level 1

‎11-03-2003 11:24 PM

this parameter is configurable using "failover poll" command. we have configured statful failover on a pair of 525s with 6.2(2) code. set the poll interval to 3 seconds. the stateful failover did not take 9 seconds before failing over, more like 4-5 seconds. tcp connections didn't get drop (feature of stateful). work like a charm. hope this help.

0 Helpful

thethmon
Level 1
Level 1
In response to wsitu

‎11-04-2003 06:10 AM

Thanks for the information. That's good to hear.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card