Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1244
Views
0
Helpful
1
Replies

Can i proceed to import identity cert to my standby firewall?

donnie
Level 1
Level 1

‎10-07-2012 08:14 PM - edited ‎03-11-2019 05:05 PM

Hi, i have a standby firewall which is part of a active standby setup.

When i import the same cert that was deployed successfully to my active firewall, i get the following error.

"If ASDM sends configuration to this standby ASA, the standby will not forward the configuration to the active ASA, losing synchronization of the configuration of the failover pair"

Is it safe to proceed?

I am importing the pkcs12 cert under "identity  certificates" which will also produce the CA root certificate under "CA  certificates". Pls advise. Thk you.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎10-08-2012 01:29 AM

You shouldn't really need to import the certificate to the standby ASA. It should really get replicated to the standby ASA during configuration synchronization.

However, if the certificate on the active unit doesn't get replicated to the standby ASA, you can issue the command "write standby", and the certificate should get replicated to the standby unit.

Here is a bug that your ASA might be affected:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsr71150

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card