Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

PIX failover does not work, and the interface is in waiting state

Core issue

This issue occurs because another machine on the network has the same address as one of the PIX Firewall units.

Resolution

To resolve this issue, perform these steps:

  1. Change the duplicate address on the PIX.

    Note: For PIXes in a failover configuration, the active PIX is the only one that must be changed. The configuration is then synchronized between the active and standby PIXes.

  2. On the active PIX, define the IP addresses of each interface, as well as the IP addresses of the standby PIX.

    This is an example:

    ip address inside 10.1.1.1 255.255.255.0
    failover ip address inside 10.1.1.2

  3. Verify that you can ping from the active PIX to all the interfaces on the standby PIX. Also, verify that you can ping from the standby PIX to the interfaces on the active PIX.

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 03:38 PM
Updated by:
 
Labels (1)