Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
285
Views
0
Helpful
2
Replies

Pix pair failing over/back multiple times per day

clinahan03
Level 1
Level 1

‎09-25-2006 05:32 PM - last edited on ‎02-21-2020 11:16 PM by Community Manager

Hello,

I have two Pix 515Es in a failover configuration. The pixes are running 6.2(2). We have an issue where the primary will fail to the secondary and then later the secondary will fail back to the primary. This issue sometimes is happening 2 to 3 times per day. Both Pixes do not report having been powered off at all but the error reported is a power failuere. Does anyone have any suggestions as to the cause of this issue ? Logs from the last failover are included below:

Sep 26 11:13:13 10.3.193.1 %PIX-1-102001: (Secondary) Power failure/System reload other side.

Sep 26 11:13:13 10.3.193.1 %PIX-1-104001: (Secondary) Switching to ACTIVE - no power detected from mate.

Sep 26 11:13:25 10.3.193.1 %PIX-1-105003: (Secondary) Monitoring on interface 5 waiting

Sep 26 11:13:25 10.3.193.1 %PIX-1-105003: (Secondary) Monitoring on interface 3 waiting

Sep 26 11:13:25 10.3.193.1 %PIX-1-105003: (Secondary) Monitoring on interface 2 waiting

Sep 26 11:13:25 10.3.193.1 %PIX-1-105003: (Secondary) Monitoring on interface 0 waiting

Sep 26 11:13:25 10.3.193.1 %PIX-1-105003: (Secondary) Monitoring on interface 1 waiting

Sep 26 11:13:40 10.3.193.1 %PIX-1-101001: (Secondary) Failover cable OK.

Sep 26 11:13:41 10.3.193.1 %PIX-1-709003: (Secondary) Beginning configuration replication: Send to mate.

Sep 26 11:14:12 10.3.193.1 %PIX-1-709004: (Secondary) End Configuration Replication (ACT)

Sep 26 11:14:17 10.3.193.10 %PIX-1-105002: (PIX) Enabling failover.

Sep 26 11:14:17 10.3.193.10 %PIX-1-709006: (Primary) End Configuration Replication (STB)

Sep 26 11:14:17 10.3.193.10 %PIX-1-105006: (Primary) Link status 'Up' on interface 5

Sep 26 11:14:17 10.3.193.10 %PIX-1-105007: (Primary) Link status 'Down' on interface 4

Sep 26 11:14:17 10.3.193.10 %PIX-1-105006: (Primary) Link status 'Up' on interface 3

Sep 26 11:14:17 10.3.193.10 %PIX-1-105006: (Primary) Link status 'Up' on interface 2

Sep 26 11:14:17 10.3.193.10 %PIX-1-105006: (Primary) Link status 'Up' on interface 0

Sep 26 11:14:17 10.3.193.10 %PIX-1-105006: (Primary) Link status 'Up' on interface 1

Sep 26 11:14:17 10.3.193.10 %PIX-1-105003: (Primary) Monitoring on interface 5 waiting

Sep 26 11:14:17 10.3.193.10 %PIX-1-105003: (Primary) Monitoring on interface 3 waiting

Sep 26 11:14:17 10.3.193.10 %PIX-1-105003: (Primary) Monitoring on interface 2 waiting

Sep 26 11:14:17 10.3.193.10 %PIX-1-105003: (Primary) Monitoring on interface 0 waiting

Sep 26 11:14:17 10.3.193.10 %PIX-1-105003: (Primary) Monitoring on interface 1 waiting

Sep 26 11:14:40 10.3.193.1 %PIX-1-105004: (Secondary) Monitoring on interface 5 normal

Sep 26 11:14:40 10.3.193.1 %PIX-1-105004: (Secondary) Monitoring on interface 3 normal

Sep 26 11:14:40 10.3.193.1 %PIX-1-105004: (Secondary) Monitoring on interface 2 normal

Sep 26 11:14:40 10.3.193.1 %PIX-1-105004: (Secondary) Monitoring on interface 0 normal

Sep 26 11:14:40 10.3.193.1 %PIX-1-105004: (Secondary) Monitoring on interface 1 normal

Sep 26 11:14:42 10.3.193.10 %PIX-1-105004: (Primary) Monitoring on interface 5 normal

Sep 26 11:14:42 10.3.193.10 %PIX-1-105004: (Primary) Monitoring on interface 3 normal

Sep 26 11:14:42 10.3.193.10 %PIX-1-105004: (Primary) Monitoring on interface 2 normal

Sep 26 11:14:42 10.3.193.10 %PIX-1-105004: (Primary) Monitoring on interface 0 normal

Sep 26 11:14:42 10.3.193.10 %PIX-1-105004: (Primary) Monitoring on interface 1 normal

0 Helpful
2 Replies 2

Fernando_Meza
Level 7
Level 7

‎09-25-2006 07:10 PM

Hi .. I suggest you checking:

1.- Status of all monitored interfaces is UP. An interface might be flapping.

2.- The power sources where the PIXes are connected. It could be an electrical issue providing causing unexpect voltage changes.

I hope it helps .. please rate if it does !!!

0 Helpful

clinahan03
Level 1
Level 1
In response to Fernando_Meza

‎09-25-2006 07:32 PM

1. As far as I can tell they are all up (as per the logs above) and nothing indicates a flap in the logs. I forgot to mention that we are using stateful failover via a cross-over cable on intf5. Because we are using stateful failover the uptime information is copied between firewalls, making it difficult to determine whether there has actually been a power outage.

2. I currently have the primary Pix powered off and am running on the secondary. If we have an outage in the next 24 hours we will be able to determine if the issue is power related. If there is no outage then the issue is probably the primary Pix as it reset yesterday when the secondary was powered off.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card