Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problems with config synchronisation on failover unit

Hi - I've recently swapped a PIX 515 with a failover licence for a replacement unit and since then can't get it to synchronise it's config. The licence says "This platform has a Failover Only-Active/Standby (FO) license"

and the message I get in the logs is;

Message #545 : Detected an Active mate

Message #546 : Unable to sync configuration from Active

Message #547 :

Message #548 :

Message #549 : ========================= NOTICE =========================

Message #550 : This platform is licensed to run in

Message #551 : failover secondary mode only

Message #552 : ==========================================================

It's running version 7.2(1) code - Any ideas? Can't find that message anywhere on CCO or google.

Thanks in advance

5 REPLIES
Silver

Re: Problems with config synchronisation on failover unit

What version is running on the Primary-Active PIX? If the versions are same, did you execute following command on the Secondary-Standby PIX:

failover

Let me know if this helps.

Regards,

Vibhor.

New Member

Re: Problems with config synchronisation on failover unit

Hi Vibhor - Thanks for your reply, The other PIX is running the same code and has an unrestricted lisence.

The active unit is in a live environment. What do you think that command will achieve?

Thanks, Dom

Silver

Re: Problems with config synchronisation on failover unit

When you enter "failover" command on the Secondary PIX, it "enables" failover on that. Without this command executed, it will not work in failover.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_1/cmd_ref/ef_711.htm#wp1678624

Hope that helps.

Regards,

Vibhor.

New Member

Re: Problems with config synchronisation on failover unit

Thanks Vibhor - There is a line in the config thats says failover, and the output of 'show failover' shows that failover is on.

Something else I've noticed is that the interfaces on the FO unit all say interface down, line protocol up;

Interface config status is active

Interface state is not active

and they all show as waiting in the 'show failover' output;

This host: Secondary - Sync Config

Active time: 0 (sec)

Interface outside (0.0.0.0): No Link (Waiting)

Interface inside (0.0.0.0): No Link (Waiting)

Interface dmz (0.0.0.0): No Link (Waiting)

I'm going to verify that the interfaces are actually plugged into a switch! Do you know if this would affect the ability of the device to sync it's config?

Cheers, Dom

New Member

Re: Problems with config synchronisation on failover unit

I think this is due to the PIX license that your standy PIX has. Your failover PIX has active/standby license which can't be primary when PIX is restarted. I found that you issue "failover active" command from standby PIX to activate the interface.

regards, DJ

222
Views
0
Helpful
5
Replies