Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Splitting a failover pair - Dup. MAC addresses

I am trying to bring up a secondary Internet connection and have both active while I migrate from one to the other. To do so, I took one of our two failover PIXs out of service and configured it to support the new connection, while supporting the same networks on inside (DMZs, Inside).

Well, this isn't working so well. As it turns out, both PIXs have identical MAC addresses on every interface, so when I connect them to the same inside network it doesn't work. I understand that when you install a failover pair, the standby PIX adopts the MAC address of the Primary. My question is, how does one undo this?

FYI, there is no "failover Mac-Address" command entered in either PIX.

FWIW, where I stand now is as follows:

I took my PRIMARY PIX out of service (simply because it was not the ACTIVE PIX).

Both PIXs show that they have the failover license installed.

My primary (production) PIX shows:

This host: Secondary - Active

(waiting on every interface)

Other host: Primary - Standby

(Unknown on every interface)

Thanks in advance.

Eric White


Re: Splitting a failover pair - Dup. MAC addresses

not too sure about "both PIXs have identical MAC addresses on every interface".

i believe the issue is when you disconnect pix1, pix2 is in production and it will become the primary with the primary ip; whereas when you connect pix1 back for the new internet link, which can't sync with pix2, so it will takeover the primary ip. however, both of them are connected to lan and running with the same ip.

CreatePlease login to create content