cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
878
Views
0
Helpful
5
Replies

ASA Active/Standby Failover Question

rene.schmid
Beginner
Beginner

hi,

I have a customer who has upgraded from pix520 to asa 5520 with csc modul in march 2007. now the customer has a second asa 5520 with csc modul.

today we are going on with the failover configuration and now we have a big problem... I tested the high availability wizard, and got the error message, hardware module compatibility test for platform failed !!!

I was wondering that there are two different hardware versions...

actual asa show module information says

Mod Card Type Model Serial No.

--- -------------------------------------------- ------------------ -----------

0 ASA 5520 Adaptive Security Appliance ASA5520-K8 JMX1050K2Q4

1 ASA 5500 Series Content Security Services Mo ASA-SSM-CSC-10 JAF10441526

Mod MAC Address Range Hw Version Fw Version Sw Version

--- --------------------------------- ------------ ------------ ---------------

0 0018.73d7.0446 to 0018.73d7.044a 1.1 1.0(11)2 7.2(2)

1 0019.0665.4a53 to 0019.0665.4a53 1.0 1.0(11)2 CSC SSM 6.2.1599.0

Mod SSM Application Name Status SSM Application Version

--- ------------------------------ ---------------- --------------------------

1 CSC SSM Up 6.2.1599.0

Mod Status Data Plane Status Compatibility

--- ------------------ --------------------- -------------

0 Up Sys Not Applicable

1 Up Up

new asa 5520 show modul

Mod Card Type Model Serial No.

--- -------------------------------------------- ------------------ -----------

0 ASA 5520 Adaptive Security Appliance ASA5520 JMX1152L1FA

1 ASA 5500 Series Content Security Services Mo ASA-SSM-CSC-10 JAF1150ALFD

Mod MAC Address Range Hw Version Fw Version Sw Version

--- --------------------------------- ------------ ------------ ---------------

0 001d.a29a.714a to 001d.a29a.714e 2.0 1.0(11)2 7.2(2)

1 001e.13f0.2056 to 001e.13f0.2056 1.0 1.0(11)2 CSC SSM 6.2.1599.0

Mod SSM Application Name Status SSM Application Version

--- ------------------------------ ---------------- --------------------------

1 CSC SSM Up 6.2.1599.0

Mod Status Data Plane Status Compatibility

--- ------------------ --------------------- -------------

0 Up Sys Not Applicable

1 Up Up

there are two different hw versions 1.1 and 2.0

Any ideas how I can get up the failover working properly??

thanks for help

rene

5 Replies 5

cisco__kaushik
Enthusiast
Enthusiast

Hi,

A failover will only work if both the boxes has the same features, code and the hardware.Ideally hw version should not pose a problem.Pl check the licences by using show ver and check if the licenses/features are same

benny
Beginner
Beginner

Hi There...

Just to check if your failover works fine with different hw rev?

I did have a similiar setup with different hw rev. But i setup using the CLI.

andrew.burns
Rising star
Rising star

Hi,

The first box doesn't have the 3DES/AES license (as shown by the ASA5520-K8) whereas the second box does (says ASA5520 without K8 designation).

They need to match for failover to work, but you can get the license for free by registering the serial number here (normally get it within the hour):

http://www.cisco.com/go/license

The hw-version isn't important for failover.

HTH

Andrew.

I am running into what may be another issue with licenses. My primary has active/active, and what is configured as backup has active/standby license. Would this cause and issue?

I am running into what may be another issue with licenses. My primary has active/active, and what is configured as backup has active/standby license. Would this cause and issue?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers