Scribd
Upload
10 views3 pages

ASA Failover

Uploaded by

mikupiku7172
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
10 views3 pages

ASA Failover

Uploaded by

mikupiku7172
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

ASA Failover

Pre-request –

Both Firewall must have same points-

Configuration command -
Primary Firewall Configuration –

Secondary Firewall Configuration –

Show Commands-
myfirewall/pri/act(config)# show failover
Failover On
Failover unit Primary
Failover LAN Interface: failover GigabitEthernet0/2 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 160 maximum
Version: Ours 9.1(1), Mate 9.1(1)
Last Failover at: 07:31:49 CEST Feb 12 2013
This host: Primary - Active
Active time: 18841674 (sec)
slot 0: ASA5520 hw/sw rev (2.0/9.1(1)) status (Up Sys)
Interface dmz5 (192.168.36.1): Normal (Monitored)
Interface dmz6 (192.168.47.1): Normal (Not-Monitored)
Interface inside (172.24.3.5): Normal (Monitored)
Interface oob (192.168.99.1): Normal (Monitored)
Interface management (0.0.0.0): No Link (Not-Monitored)
slot 1: empty
Other host: Secondary - Standby Ready
Active time: 0 (sec)
slot 0: ASA5520 hw/sw rev (2.0/9.1(1)) status (Up Sys)
Interface dmz5 (192.168.36.2): Normal (Monitored)

myfirewall/pri/act(config)# show failover descriptor


dmz5 send: 000200000e000000 receive: 000200000e000000
dmz6 send: 0002000041000000 receive: 0002000041000000
inside send: 0002010064000000 receive: 0002010064000000
oob send: 00020300ffff0000 receive: 00020300ffff0000
management send: 01010000ffff0000 receive: 01010000ffff0000

myfirewall/pri/act(config)# show failover history


==========================================================================
From State To State Reason
==========================================================================
07:30:59 CEST Feb 12 2013
Not Detected Negotiation No Error

07:31:03 CEST Feb 12 2013


Negotiation Cold Standby Detected an Active mate

07:31:05 CEST Feb 12 2013


Cold Standby Sync Config Detected an Active mate

07:31:15 CEST Feb 12 2013


Sync Config Sync File System Detected an Active mate

myfirewall/pri/act(config)# show failover state


State Last Failure Reason Date/Time
This host - Primary
Active None
Other host - Secondary
Standby Ready Ifc Failure 17:38:56 CEDT Jun 10 2013
dmz5: Failed
inside: Failed

====Configuration State===
Sync Done
Sync Done - STANDBY
====Communication State===
Mac set

myfirewall/pri/act(config)# show failover statistics


tx:384585696
rx:29127977

You might also like