Cisco Support Community
Community Member

PIX with failover ,complex issue

If the PIX is setup with a failover then afetr a defined poll interval if any of the links of the active PIX goes down , then the failover detects this and takes over as the Active.Is there any configuration by which i can restrict this to some of the interfaces and not all of them, ex ,: i want the failover to take over only if the PIX box fails or if only the INSIDE interface goes down and not when the other interfaces like dmz or outside goes down? Can i do this by not assigning a failover ip address to the particular interfaces , but then if teh failover takes over ,can it communicate thru this interface ? please do give me ur suggestions as to an optimal way of doing this .


Re: PIX with failover ,complex issue

Failover is just that, if it detects a problem, it’s going to failover. This includes and flapping interfaces, etc. You can not pick and choose how critical the failover event is. And no, you have to configure a failover IP address on all interfaces that are not administratively shutdown. If you don’t want it to failover while you’re working in and around the PIX, issue a no failover command to turn the feature off while you’re making your changes.

CreatePlease to create content