gblumberg2
IS-IT--Management
hi all, we have an asa 5520 cluster and we keep getting failures on the primary to the standby unit. It appears now that the standby unit has not reverted back to the primary since the last failover.
What i want to do is make sure the standby unit that is active remains the primary unit and the failed unit stays secondary until we can get fixed. Do i need to issue a command to do this or will the standby unit remain active until the primary unit comes back on line. Here is what i am looking at when i do a sho failover command!
Thanks in advance.
User Access Verification
Username: ********
Password: ********
Type help or '?' for a list of available commands.
asa5520-1> en
Password: ********
asa5520-1# show failover
Failover On
Failover unit Secondary
Failover LAN Interface: failover GigabitEthernet0/3 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 4 of 250 maximum
Version: Ours 7.2(2), Mate 7.2(2)
Last Failover at: 04:28:41 CST-6 Feb 27 2008
This host: Secondary - Active
Active time: 201862 (sec)
slot 0: ASA5520 hw/sw rev (1.1/7.2(2)) status (Up Sys)
Interface outside (216.146.x.x): Normal (Waiting)
Interface dmz (192.168.15.1): No Link (Waiting)
Interface inside (172.18.1.1): Normal (Waiting)
Interface management (192.168.20.1): No Link (Waiting)
slot 1: empty
Other host: Primary - Failed
Active time: 1754 (sec)
slot 0: ASA5520 hw/sw rev (1.1/7.2(2)) status (Up Sys)
Interface outside (0.0.0.0): No Link (Waiting)
Interface dmz (0.0.0.0): No Link (Waiting)
Interface inside (0.0.0.0): Normal (Waiting)
Interface management (0.0.0.0): No Link (Waiting)
slot 1: empty
Stateful Failover Logical Update Statistics
Link : Unconfigured.
What i want to do is make sure the standby unit that is active remains the primary unit and the failed unit stays secondary until we can get fixed. Do i need to issue a command to do this or will the standby unit remain active until the primary unit comes back on line. Here is what i am looking at when i do a sho failover command!
Thanks in advance.
User Access Verification
Username: ********
Password: ********
Type help or '?' for a list of available commands.
asa5520-1> en
Password: ********
asa5520-1# show failover
Failover On
Failover unit Secondary
Failover LAN Interface: failover GigabitEthernet0/3 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 4 of 250 maximum
Version: Ours 7.2(2), Mate 7.2(2)
Last Failover at: 04:28:41 CST-6 Feb 27 2008
This host: Secondary - Active
Active time: 201862 (sec)
slot 0: ASA5520 hw/sw rev (1.1/7.2(2)) status (Up Sys)
Interface outside (216.146.x.x): Normal (Waiting)
Interface dmz (192.168.15.1): No Link (Waiting)
Interface inside (172.18.1.1): Normal (Waiting)
Interface management (192.168.20.1): No Link (Waiting)
slot 1: empty
Other host: Primary - Failed
Active time: 1754 (sec)
slot 0: ASA5520 hw/sw rev (1.1/7.2(2)) status (Up Sys)
Interface outside (0.0.0.0): No Link (Waiting)
Interface dmz (0.0.0.0): No Link (Waiting)
Interface inside (0.0.0.0): Normal (Waiting)
Interface management (0.0.0.0): No Link (Waiting)
slot 1: empty
Stateful Failover Logical Update Statistics
Link : Unconfigured.