Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

p21
New Member

Transparent firewall with failover with multiple contexts

                   I am running 8.4(2) on ASA5585s. They are in mulitble context mode and set to transparent firewall with active/active failover. When I do a sh failover in a context I see 2 of my interfaces are (waiting). I have a BVI and these are the ip addresses on the interfaces in he "sh failover" below.

Failover On

Last Failover at: 11:54:39 GMT/IST Feb 23 2012

        This context: Standby Ready

                Active time: 175394 (sec)

                  Interface ctxb-inside (x.x.x.165): Normal (Waiting)

                  Interface ctxb-outside (x.x.x.165): Normal (Monitored)

        Peer context: Active

                Active time: 11390663 (sec)

                  Interface ctxb-inside (x.x.x.164): Normal (Monitored)

                  Interface ctxb-outside (x.x.x.164): Normal (Waiting)

Why are the interfaces in (waiting)?

  • Security Management
1 REPLY
Cisco Employee

Transparent firewall with failover with multiple contexts

Are you able to ping between the interfaces? ie: can you ping x.x.x.165 from x.x.x.164 and visa versa? If you are not able to ping it, that means there is no connectivity between the 2, hence the status is in Normal (Waiting) because it has not received the hello packet on that corresponding interface.

Here is the reference guide FYI:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s3.html#wp1505709

851
Views
0
Helpful
1
Replies