06-06-2015 11:51 AM - edited 03-11-2019 11:04 PM
First off, please forgive me if I posted this in the wrong community.
I have a problem whereby we needed to move our firewalls down in our rack to make space to install a switch.
After switching off the standby to move it 2U spaces down in the rack and powering it on again, it just stayed on "Sync Config" for more than a day.
We rebooted the standby and it did the same, and when we rebooted it again, it's now staying on "Negotiation" and not coming up.
Please see below output. If you need more info please let me know. I will really appreciate any help anyone can give...
---------------------------------------------------------------------
zajbcf01# sh ver
Cisco Adaptive Security Appliance Software Version 9.1(2)
Device Manager Version 7.1(3)
Compiled on Thu 09-May-13 16:20 PDT by builders
System image file is "disk0:/asa912-smp-k8.bin"
Config file at boot was "startup-config"
zajbcf01 up 136 days 2 hours
failover cluster up 136 days 2 hours
Hardware: ASA5525, 8192 MB RAM, CPU Lynnfield 2394 MHz, 1 CPU (4 cores)
ASA: 4096 MB RAM, 1 CPU (1 core)
Internal ATA Compact Flash, 8192MB
BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB
Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x1)
Boot microcode : CNPx-MC-BOOT-2.00
SSL/IKE microcode : CNPx-MC-SSL-PLUS-T020
IPSec microcode : CNPx-MC-IPSEC-MAIN-0024
Number of accelerators: 1
Baseboard Management Controller (revision 0x1) Firmware Version: 2.4
0: Int: Internal-Data0/0 : address is f07f.06c3.849e, irq 11
1: Ext: GigabitEthernet0/0 : address is f07f.06c3.84a3, irq 5
2: Ext: GigabitEthernet0/1 : address is f07f.06c3.849f, irq 5
3: Ext: GigabitEthernet0/2 : address is f07f.06c3.84a4, irq 10
4: Ext: GigabitEthernet0/3 : address is f07f.06c3.84a0, irq 10
5: Ext: GigabitEthernet0/4 : address is f07f.06c3.84a5, irq 5
6: Ext: GigabitEthernet0/5 : address is f07f.06c3.84a1, irq 5
7: Ext: GigabitEthernet0/6 : address is f07f.06c3.84a6, irq 10
8: Ext: GigabitEthernet0/7 : address is f07f.06c3.84a2, irq 10
9: Int: Internal-Data0/1 : address is 0000.0001.0002, irq 0
10: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 0
11: Int: Internal-Data0/2 : address is 0000.0001.0003, irq 0
12: Ext: Management0/0 : address is f07f.06c3.849e, irq 0
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 750 perpetual
Total VPN Peers : 750 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
IPS Module : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA5525 VPN Premium license.
Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 200 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 4 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 4 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 750 perpetual
Total VPN Peers : 750 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 4 perpetual
Total UC Proxy Sessions : 4 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
IPS Module : Disabled perpetual
Cluster : Disabled perpetual
This platform has an ASA5525 VPN Premium license.
Serial Number: FCH18327WKM
Running Permanent Activation Key: 0x803bf069 0xa4eb1bfc 0x0dc1f510 0xeda02cc8 0x8909cba2
Configuration register is 0x1
Configuration last modified by enable_15 at 14:44:48.838 UTC Fri Jun 5 2015
--------------------------------------------------------------------
zajbcf01# sh failover history
==========================================================================
From State To State Reason
==========================================================================
08:58:17 UTC Jan 21 2015
Not Detected Disabled No Error
12:52:03 UTC Jan 27 2015
Disabled Negotiation Set by the config command
12:52:49 UTC Jan 27 2015
Negotiation Just Active No Active unit found
12:52:49 UTC Jan 27 2015
Just Active Active Drain No Active unit found
12:52:49 UTC Jan 27 2015
Active Drain Active Applying Config No Active unit found
12:52:49 UTC Jan 27 2015
Active Applying Config Active Config Applied No Active unit found
12:52:49 UTC Jan 27 2015
Active Config Applied Active No Active unit found
==========================================================================
zajbcf01# sh failover
Failover On
Failover unit Primary
Failover LAN Interface: ASAFailover GigabitEthernet0/7 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 0 of 216 maximum
Version: Ours 9.1(2), Mate 9.1(2)
Last Failover at: 12:52:49 UTC Jan 27 2015
This host: Primary - Active
Active time: 11226780 (sec)
slot 0: ASA5525 hw/sw rev (1.0/9.1(2)) status (Up Sys)
Interface management (192.168.1.1): Link Down (Not-Monitored)
Interface RemAccess (172.18.112.2): Normal (Not-Monitored)
Interface outside (196.44.217.2): Normal (Not-Monitored)
Interface inside (172.18.24.1): Normal (Not-Monitored)
Interface inside-voice (172.19.32.1): Normal (Not-Monitored)
Interface zieto-jhb-perimeter (196.44.213.129): Normal (Not-Monitored)
Interface dcz-jhb-mw (196.44.213.161): Normal (Not-Monitored)
Interface zieto-pta-perimeter (196.44.217.129): Normal (Not-Monitored)
Interface dcz-pta-mw (196.44.217.161): Normal (Not-Monitored)
Interface dcz-pta-dmz1 (196.44.219.193): Normal (Not-Monitored)
Interface dr-pta-mw (196.44.217.193): Normal (Not-Monitored)
Other host: Secondary - Negotiation
Active time: 0 (sec)
slot 0: ASA5525 hw/sw rev (1.0/9.1(2)) status (Up Sys)
Interface management (0.0.0.0): Unknown (Not-Monitored)
Interface RemAccess (172.18.112.3): Unknown (Not-Monitored)
Interface outside (0.0.0.0): Unknown (Not-Monitored)
Interface inside (0.0.0.0): Unknown (Not-Monitored)
Interface inside-voice (0.0.0.0): Unknown (Not-Monitored)
Interface zieto-jhb-perimeter (0.0.0.0): Unknown (Not-Monitored)
Interface dcz-jhb-mw (0.0.0.0): Unknown (Not-Monitored)
Interface zieto-pta-perimeter (0.0.0.0): Unknown (Not-Monitored)
Interface dcz-pta-mw (0.0.0.0): Unknown (Not-Monitored)
Interface dcz-pta-dmz1 (0.0.0.0): Unknown (Not-Monitored)
Interface dr-pta-mw (0.0.0.0): Unknown (Not-Monitored)
Stateful Failover Logical Update Statistics
Link : Unconfigured.
-----------------------------------------------------------------------------------
zajbcf01# sh failover state
State Last Failure Reason Date/Time
This host - Primary
Active None
Other host - Secondary
Negotiation Comm Failure 12:31:22 UTC Jun 4 2015
====Configuration State===
Config Syncing
====Communication State===
----------------------------------------------------------------------------------
06-06-2015 05:40 PM
Hi,
I would recommend checking the communication on the failover LAN interface and making sure that it is working.
Check the interface statistics, like drops, etc.
Try a "wr standby" and see if that works.
If that does not work, check this defect:
https://tools.cisco.com/bugsearch/bug/CSCui19504/?reffering_site=dumpcr
Thanks and Regards,
Vibhor Amrodia
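As an added example (not part of the original thread and not Cisco code), the following Python sketch parses "show failover" text like the output posted above and reports why the pair is not healthy. The function names and the set of peer states treated as healthy are assumptions of this example.

```python
import re

# Excerpt of the "sh failover" output posted above (whitespace as shown on this page).
SAMPLE = """\
Failover LAN Interface: ASAFailover GigabitEthernet0/7 (up)
Monitored Interfaces 0 of 216 maximum
This host: Primary - Active
Interface outside (196.44.217.2): Normal (Not-Monitored)
Other host: Secondary - Negotiation
Interface outside (0.0.0.0): Unknown (Not-Monitored)
"""

LINK = re.compile(r"^\s*Failover LAN Interface:\s*(\S+)\s+(\S+)\s+\((.+?)\)")
MONITORED = re.compile(r"^\s*Monitored Interfaces (\d+) of \d+ maximum")
HOST = re.compile(r"^\s*(This|Other) host:\s*(\w+)\s*-\s*(.+?)\s*$")
IFACE = re.compile(r"^\s*Interface (\S+) \(([\d.]+)\): (.+?) \((.+?)\)\s*$")
HEALTHY_PEER = {"Standby Ready", "Active"}  # assumption: peer states accepted as healthy

def parse_failover(text):
    """Turn 'show failover' text into a dict: LAN link, monitored count, per-unit state."""
    info = {"link": None, "monitored": None, "hosts": {}}
    unit = None  # unit ("this"/"other") whose interface lines are being read
    for line in text.splitlines():
        if m := LINK.match(line):
            info["link"] = {"name": m[1], "port": m[2], "status": m[3]}
        elif m := MONITORED.match(line):
            info["monitored"] = int(m[1])
        elif m := HOST.match(line):
            unit = info["hosts"].setdefault(m[1].lower(), {"role": m[2], "state": m[3], "ifaces": {}})
        elif unit is not None and (m := IFACE.match(line)):
            unit["ifaces"][m[1]] = m[3]  # interface name -> status (Normal, Unknown, ...)
    return info

def findings(info):
    """Return a list of problems; an empty list means the pair looks healthy."""
    out = []
    link = info["link"] or {"port": "?", "status": "not reported"}
    if link["status"] != "up":
        out.append(f"failover LAN link {link['port']} is {link['status']}")
    peer = info["hosts"].get("other", {"role": "peer", "state": "not reported", "ifaces": {}})
    if peer["state"] not in HEALTHY_PEER:
        unknown = sorted(n for n, s in peer["ifaces"].items() if s == "Unknown")
        out.append(f"{peer['role']} is in {peer['state']} while failover link {link['port']} "
                   f"is {link['status']}; {len(unknown)} peer interface(s) Unknown")
    if info["monitored"] == 0:
        out.append("0 interfaces monitored: data-interface failures will not trigger failover")
    return out

if __name__ == "__main__":
    print("\n".join(findings(parse_failover(SAMPLE))))
```

On the posted output this reports the peer stuck in Negotiation even though the failover link shows "(up)", which is why the interface counters on that link are the next thing to check.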