Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1098
Views
0
Helpful
4
Replies

Cisco ASA FTD 4100 SW version 9.8(4)-having different show run config

anilkumar.cisco
Level 4
Level 4

‎10-07-2021 09:32 AM

Hello Team,

 

i am having issue with my Cisco ASA firewall in FTD 4100 running in Multicontext mode.

 

Both primary and secondary firewall is having some different configuration

 

wherease Primary firewall is having correct configuration.

 

In order to mitigate the issue , should i run write standby command..

 

Will it impact any thing..

 

What will happen if i will not do any thing.. and need to upgrade the firewall and need to reboot the primary one..

 

Once the secondary will come up.. it can make my network worst.. and once Primary will come back. then it secondary  write its configuration to primary and complete network will down.

 

Pls advise.

0 Helpful
4 Replies 4

Chakshu Piplani
Cisco Employee
Cisco Employee

‎10-07-2021 09:54 AM

Write standby would be the next move, I would definitely do a complete backup via ASDM for the entire config.

You can read about write standby here:

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/115999-write-standby-command-qanda-00.html

 

Regards,

Chakshu

 

Do rate helpful posts!

 

0 Helpful

anilkumar.cisco
Level 4
Level 4
In response to Chakshu Piplani

‎10-07-2021 10:56 AM

My question is, on system context or in any other context we can give this command..
Any recommendation procedure for FTD ASA
0 Helpful

Chakshu Piplani
Cisco Employee
Cisco Employee

‎10-07-2021 11:58 PM

For multiple context mode, when you enter the write standby command in the system execution space, all contexts are replicated. If you enter the write standby command within a context, the command replicates only the context configuration.

 

Regards,

Chakshu

 

Do rate helpful posts!

0 Helpful

johnlloyd_13
Level 9
Level 9

‎10-08-2021 06:57 PM

hi,

is the failover working/sync between primary and secondary FW?

also ensure ports on both units are all up.

post the output from 'system' context:

changeto system

show failover

show failover state

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top