cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
799
Views
0
Helpful
1
Replies

ASA Failover resolves issue...

rkalia1
Level 1
Level 1

Hi,

I have come across strange issue with ASA failover.  The ASA software version does not matter whether 7.2x or 8.x.  The issue is that if there is an ASA failover pair at one site having a tunnel to a remote site (ASA or cisco router) sometimes the Phase II stalls.  The data does not seem to pass through the ASA failover pair end.  I have seen this at altogether different networks for different companies.  Same thing I came across on PIX failover pair too.  The fix, however, is either rebooting the primary ASA or failing over.  Also, I have tried upgrading a couple of ASA pairs to no effect.  Sometimes it so happens that only one particular subnet (in interesting traffic) stops working.  Can you please help explain this issue and suggest a fix?  Please note that when the issue occurs I try everything from clearing the Phase I/II on both ends to rebooting the remote ASA/Router.  But things start working only after failover pair is failed over or the active ASA rebooted.

thanks

1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

Raman,

Do you have the old cases number that you refer?

https://supportforums.cisco.com/thread/2060088

Would appreciate if you can provide them.

CSCtd36473    IPsec: Outbound context may be deleted prematurely

CSCtb53186    Duplicate ASP crypto table entry causes firewall to not encrypt traffic

http://tools.cisco.com/Support/BugToolKit/
you can go to the above link login with your CCO ID and then key in this defect ID

-KS

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: