Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
901
Views
0
Helpful
2
Replies

asa failover issue - secondary gets No Failover command

karien.depyper
Level 1
Level 1

‎06-10-2011 12:21 AM - edited ‎02-21-2020 04:22 AM

Hi,

Anybody has seen this issue, or even better, solved it :-)

We have 2 failover clusters  that works fine for some time
but after a random time (6 to 50 days seen), for an unknow reason, the 'no failover' command shows up in the secondary firewall configuration and it has also the NoFailover prompt.
After that we have 2 active firewalls with the known consequences :-(
We have 2 cisco cases, but Cisco doens't find anything and we are currently waiting for the issue to happen again to take logs.

extra info:
1 cluster  with 8.2.4 soft
1 cluster with 8.0.5.23 soft

thx Karien

0 Helpful
2 Replies 2

mirober2
Cisco Employee
Cisco Employee

‎06-10-2011 09:27 AM

Hi Karien,

What does 'show failover history' on both units show when the problem occurs? Are there any syslogs generated when the problem happens? These should give you an idea of why failover is getting disabled.

-Mike

0 Helpful

karien.depyper
Level 1
Level 1
In response to mirober2

‎08-01-2011 01:29 AM

Hello again,

Root cause found:

1/ Versions higher then 8.0.4 and 8.2.4 have a change in code, by which low failover timers (msec) and redundant interfaces can cause this issue. I changed failover timers, and it seems solved now.

Before:

failover polltime unit msec 200 holdtime msec 800

failover polltime interface msec 500 holdtime 5

Now:

failover polltime unit 1 holdtime 5

failover polltime interface 1 holdtime 5

2/ failover over management interface is not supported.

Good luck!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card