cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
826
Views
0
Helpful
3
Replies

How to correct start failover after loosing disk0 on one of ASA

anton.samets
Level 1
Level 1

Hello, guys.

I have some problems with correct answer. One CF in one of ASA had died from active/standby failover cluster few days ago.

So all works perfectly.

But now I have:

asa-5520/act# sh fail

Failover On

Failover unit Secondary

Failover LAN Interface: failover GigabitEthernet0/2 (up)

Unit Poll frequency 1 seconds, holdtime 15 seconds

Interface Poll frequency 5 seconds, holdtime 25 seconds

Interface Policy 1

Monitored Interfaces 3 of 160 maximum

Version: Ours 8.4(4), Mate 8.4(2)

Last Failover at: 00:25:50 UTC Jun 14 2012

This host: Secondary - Active

Active time: 161347 (sec)

slot 0: ASA5520 hw/sw rev (2.0/8.4(4)) status (Up Sys)

Interface internet (x.x.x.1): Normal (Waiting)

Interface inside (10.137.250.1): Normal (Waiting)

Interface management (192.168.1.1): Link Down (Waiting)

slot 1: empty

Other host: Primary - Failed

Active time: 24695466 (sec)

slot 0: ASA5520 hw/sw rev (1.0/8.4(2)) status (Unknown/Unknown)

Interface internet (x.x.x.2): Unknown (Monitored)

Interface inside (10.137.250.2): Unknown (Monitored)

Interface management (0.0.0.0): Unknown (Waiting)

slot 1: empty

Он failover unit Primary has died internal flash card (disk0). So a card had replaced, I've booted up ASA via tftp, copied files (image file, asdm file and startup-config from live ASA).

So I have a quiestion. I have startup-config from unit secondary. As I understand, I can simply change in config the next:

failover lan unit secondary

to failover lan primary

It will be correct?

Or I can make on current secondary command:

failover lan primary

And boot up another ASA with config from secondary?

So, appriciate any help, and I can't experiment with commands, because it's very production

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

Cisco has a step-by-step guide posted here.

Follow it carefully and you will successfully re-introduce the repaired primary unit with zero downtime.

View solution in original post

3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

Cisco has a step-by-step guide posted here.

Follow it carefully and you will successfully re-introduce the repaired primary unit with zero downtime.

As I understand correctly, my steps will be next:

On new ASA without any configuration (almost clean) I'll enter:

ASA(config)#failover lan unit primary

ASA(config)#failover lan interface failover GigabitEthernet0/2

ASA(config)#failover link failover GigabitEthernet0/2

ASA(config)#failover interface ip failover 10.10.10.1 255.255.255.252 standby 10.10.10.2

ASA(config)# interface GigabitEthernet0/2

ASA(config-if)#no shut

ASA(config-if)#exit

ASA(config)#failover

And after that configuration will be synced from active (secondary) to standby (primary) unit without any  downtimes and traffic corraption. Yes?

Almost right, but don't forgot to check your license and activation-key, because it's saved on flash card.

I retrieved from cisco.com/go/licence/ activation-key and after that can complitely finish failover recover

Thanks for help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: