https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/4707066#M1094382 <P>Hello Ajay,</P><P>I have the same case but I don't have an IPS module within my Cisco ASA and I got random failover with reason:</P><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class="">Detect service card failure</DIV></DIV></DIV></DIV></DIV></DIV></DIV><DIV class=""><DIV class=""><DIV class="">&nbsp;</DIV></DIV></DIV><DIV class=""><DIV class=""><DIV class=""><DIV class="">Can you advise on this?</DIV><DIV class="">&nbsp;</DIV></DIV><DIV class="">Thanks,</DIV><DIV class="">Tanios</DIV></DIV></DIV><P>&nbsp;</P> Fri, 21 Oct 2022 07:14:08 GMT tanios191 2022-10-21T07:14:08Z https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3711452#M14413 <P>Hi All,</P> <P>&nbsp;</P> <P>We are running ASAs 9.8(2) in Act/Stdby mode. Recently, our primary ASA got rebooted and services got impacted. Upon checking checking failover history, we got the message -&nbsp;Detect service card failure. Upon checking syslogs - we only got 2 messages of significance:</P> <P>&nbsp;</P> <P>i)&nbsp;Line protocol on interface changed state to down</P> <P>ii)&nbsp;Line protocol on interface changed state to up</P> <P>&nbsp;</P> <P>I believe the inside interface went down or something but can someone please explain a bit more in detail about this since we are doing RCA.</P> <P>&nbsp;</P> <P>1) What's "<SPAN>Detect service card failure" mean? </SPAN></P> <P><SPAN>2) What measures should we take in order to avoid this happening again in future?</SPAN></P> <P>&nbsp;</P> <P><SPAN>I have attached a the failover output file for reference.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Regards,</SPAN></P> <P><SPAN>Abhijit</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 21 Feb 2020 16:16:11 GMT https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3711452#M14413 abhijith891 2020-02-21T16:16:11Z https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3711515#M14415 <P><U></U>Hello Abhijeet,</P> <P>&nbsp;</P> <P>The service card refers to any software based IPS module installed in the ASA, for example IPS module. If it fails or it is too busy to respond to the ASA backplane hello packets, it is detected as a failover reason and failover would happen.</P> <P>&nbsp;</P> <P>The logs from Secondary device are from 13 Sep when I guess that the primary device reloaded, which is normal since it says that it has not heard from mate, and hence it became active. This happened around 21:55 on Sep 13th 2018.</P> <P>&nbsp;</P> <P>The logs from Primary firewall wherein says service card failed looks like a transition phase message when it was initializing after the ASA reloaded.</P> <P>&nbsp;</P> <P>The real issue here is on Sep 20th around 12:59 when the interface failed message appears on Primary Firewall and this comes from inside interface. That is where you need to focus apart from the reason behind the reason for primary firewall reload.</P> <P>&nbsp;</P> <P>Regards,</P> <P>&nbsp;</P> <P>Ajay</P> <P>&nbsp;</P> <P>&nbsp;</P> Sat, 22 Sep 2018 09:12:06 GMT https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3711515#M14415 Ajay Saini 2018-09-22T09:12:06Z https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3712531#M14417 <P>Hi Ajay,</P> <P>&nbsp;</P> <P>Thanks a lot for your inputs. Yes, we do have an IPS module built-in the ASA, though we dont use it.. Can you please let me know if there are any preventive measures, or any commands which we configure to avoid this incident happening again?</P> <P>&nbsp;</P> <P>Regards,</P> <P>Abhijit</P> Tue, 25 Sep 2018 00:36:03 GMT https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3712531#M14417 abhijith891 2018-09-25T00:36:03Z https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3712695#M14418 <P>Hello,</P> <P>&nbsp;</P> <P>If you wish to remove the IPS card from failover monitoring,&nbsp;you can remove the failover monitoring of the IPS module:</P> <P>&nbsp;</P> <PRE>no monitor-interface service-module</PRE> <P>&nbsp;</P> <P><A href="https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/200944-Disable-Service-Module-Monitoring-on-ASA.html" target="_blank">https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/200944-Disable-Service-Module-Monitoring-on-ASA.html</A></P> <P>&nbsp;</P> <P>HTH</P> <P>AJ</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 25 Sep 2018 09:38:15 GMT https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/3712695#M14418 Ajay Saini 2018-09-25T09:38:15Z https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/4707066#M1094382 <P>Hello Ajay,</P><P>I have the same case but I don't have an IPS module within my Cisco ASA and I got random failover with reason:</P><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class="">Detect service card failure</DIV></DIV></DIV></DIV></DIV></DIV></DIV><DIV class=""><DIV class=""><DIV class="">&nbsp;</DIV></DIV></DIV><DIV class=""><DIV class=""><DIV class=""><DIV class="">Can you advise on this?</DIV><DIV class="">&nbsp;</DIV></DIV><DIV class="">Thanks,</DIV><DIV class="">Tanios</DIV></DIV></DIV><P>&nbsp;</P> Fri, 21 Oct 2022 07:14:08 GMT https://community.cisco.com/t5/network-security/asa-failover-detect-service-card-failure/m-p/4707066#M1094382 tanios191 2022-10-21T07:14:08Z