Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
208
Views
0
Helpful
1
Replies

Problem with Pix515E 6.3(4) in failover mode

jagbir_singh
Level 1
Level 1

‎04-25-2006 04:08 AM - edited ‎03-09-2019 02:43 PM

I am facing a problem in pix515e 6.3(4) in failover mode. Problem is that when I make secondary as active firewall traffic is running fine but when I am making primary as active traffic is not smooth and there are RTOs after 10-15 replies. Again if I make secondary as active traffic is smooth and having no problem.Please suggest on the same.

Labels:
0 Helpful
1 Reply 1

a-vazquez
Level 6
Level 6

‎05-03-2006 08:10 AM

If you have failover hello set to the maximum of 15 seconds and the inside interface goes bad, then the standby does not declare that the primary has failed until it misses at least two hellos, 30 seconds. Some people set the failover hellos to the minimum of 3 seconds but then the PIX can failover unnecessarily. Cisco recommends that you set the hello to the maximum of 15 seconds.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea7.shtml#statefulfailover

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents