01-18-2019 09:09 AM - edited 02-21-2020 08:40 AM
Ciao,
In a couple of ASA configured in Active/Passive failover, someone can explain me what's the failover timeout that can be set when a ASA interface link goes down:
Message #466 : fover_health_monitoring_thread: vPifNum = 0x8, No Link
Message #467 : fover_health_monitoring_thread: ifc_check() - group 0 HW failed 1 (mate 0)
I need to be understand if I can wait 6/7 seconds before failover when a link goes down.
Thanks
01-18-2019 09:51 AM - edited 01-18-2019 09:52 AM
Failover Poll Times-Contains the fields for defining how often hello messages are sent on the failover link, and, optionally, how long to wait before testing the peer for failure if no hello messages are received.
Unit Failover-The amount of time between hello messages among units. The range is between 1 and 15 seconds or between 200 and 999 milliseconds.
check the link below
https://community.cisco.com/t5/firewalls/asa-failover-times/td-p/994896
01-18-2019 09:58 AM
Thanks for replay,
however after that one link goes down ASA failover in just 4/5 seconds with default timeout.
01-18-2019 10:05 AM - edited 01-18-2019 10:05 AM
here you go and do not forget to make it answer so other can get benefit too.
yes 5 is default but can be adjust below is the screen shots.
01-21-2019 12:57 AM - edited 01-21-2019 01:28 AM
Ciao,
Anyone thinks that this could be case:
Optional Active/Standby Failover Settings
And again: If the interface link is down, interface testing is not conducted and the standby unit could become active in just one interface polling period if the number of failed interfaces meets or exceeds the configured failover criteria.
01-21-2019 01:26 AM
why dont you adjust the timer according to your needs?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide