Remove Failover?

[wampa]

I've got a pair of PIX 520's running in a failover "cluster" that works without issue - but I have an interesting situation:

We are moving to a new dataceter a few towns over, with a new internet line with a new provider. Basically, I want to split the primary and secondary and use them both as primaries without any failover.

After the split, I want to move the secondary to the new data center and configure it as a primary with our new connection, IPs and access lists, leaving the old primary in the old datacenter - I need to provide services in both places.

After the move is complete, I would like to take the primary from the old data center and reconfigure it to be the secondary in the new datacenter.

I've tried splitting the failover, by turning off failover on both primary and secondary and removing the serial cable, but after a few minutes is all went haywire and both thought thay had to be the primary, causing the secondary to attepmt to take over...

Can this situation even be done? How would I go about doing this? I can't seem to find out how to split a failover on Cisco's website.

 

[cpeloso]

I don't think that a pix with a failover software license could
be a primary...

 

[baddos]

The PIX FO box w/ it's current license won't do what you want. You'll have to buy a R or UR license from Cisco for your failover box.

-Bad Dos

 

[wampa]

That's what I figured, but it was worth asking.

Thanks a bunch.

 

[havanajoe]

I just read the following on the Cisco site about failover.

"When a failover cable connects two PIX Firewall units, the no failover command now disables failover until you enter the failover command to explicitly enable failover. Previously, when the failover cable connected two PIX Firewall units and you entered the no failover command, failover would automatically re-enable after 15 seconds."

This is running 6.3.1 IOS.