Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

PIX 515E Failover Rebooting Problems

On Thursday 23rd November we upgraded the PIX cluster to version 7.1(2) from 6.2(2) with the default memory (64Mb) in each PIX. The Active PIX then suffered what appeared to be a memory leak (attributed to the ARP Thread process). This continued for a number of days ? with the result that we force reloaded the Active PIX every 8 hours to ensure continuity of service. On Monday 27th after a reload ? it was noticed that the Active PIX was no longer leaking memory through the ARP thread process ? that same day we upgraded the PIX cluster to 128Mb memory. We then experienced Active/Standby switchovers every 2 hours ? which appeared to be attributed to missed ?hellos? in the failover messaging ? we decided then to configure LAN failover on the PIX cluster. In the process of enabling this feature the secondary PIX (which was the current Active) crashed

Do you have any explanations as to why the above events occured.

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: PIX 515E Failover Rebooting Problems

Hi Carlton,

I can tell you that maybe the method you have used to upgrade starts the chain of problems. I used to migrating these products and I have never faced it before. Generally I save all configurations, program a stop of service and I leave the failover unit working alone while I do the upgrade of the ex-Active unit. After the upgrade, I had loaded the software configuration I saved before and made the customizations.

For the Unrestricted PIX, is real necessary the 128Mb memory. For the Restricted, you could use the default 64Mb.

After that, you can place the active unit instead of the failover. You upgrade the failover unit so, and connect it again in the active, already in production, and start the synchrony again.

For all my customers it worked.

Hope it helps. If it does, please rate.

Regards,

Rafael Lanna

1 REPLY
Bronze

Re: PIX 515E Failover Rebooting Problems

Hi Carlton,

I can tell you that maybe the method you have used to upgrade starts the chain of problems. I used to migrating these products and I have never faced it before. Generally I save all configurations, program a stop of service and I leave the failover unit working alone while I do the upgrade of the ex-Active unit. After the upgrade, I had loaded the software configuration I saved before and made the customizations.

For the Unrestricted PIX, is real necessary the 128Mb memory. For the Restricted, you could use the default 64Mb.

After that, you can place the active unit instead of the failover. You upgrade the failover unit so, and connect it again in the active, already in production, and start the synchrony again.

For all my customers it worked.

Hope it helps. If it does, please rate.

Regards,

Rafael Lanna

138
Views
3
Helpful
1
Replies
CreatePlease to create content