Hello. Any thoughts on this?
The active ASA firewall failed over to the standby due to an 'interface failure' with a sub-interface.
This monitored sub-interface (DMZ) is part of physical interface with several other sub-interfaces (DMZs) that are also monitored for failover. None of these appeared to have failed at the same time however. It's just this one sub-interface that indicated as failed.
The physical interface for the sub-interface is connected to a switch stack. There were no problems with the physical interface on either the previously active firewall, or the switch stack. According to monitoring, no problems indicated either with traffic/CPU/mem usage on either the firewall or the switch stack also during this time. The VLAN on the switch for this firewall sub-interface is currently only active & trunked to the firewall cluster. Hosts on the switch in this VLAN were removed a few weeks ago. Again no problem with VLAN that I can see.