07-31-2017 07:14 PM - last edited on 03-12-2019 02:45 AM by NikolaIvanov
WE Getting issue on int(GigabitEthernet1/4) state down. when we do fail-over and reboot the standby unit ,the down interface get up but other
ASA int (GigabitEthernet1/4) goes down after reboot the ASA.
kindly suggest what is the issue
standby unit
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1/1 14.x.x.x YES CONFIG up up
GigabitEthernet1/2 118.x.x.x YES CONFIG up up
GigabitEthernet1/3 10.x.x.x YES CONFIG up up
GigabitEthernet1/4 10.x.x.x YES CONFIG down down
This host: Secondary - Standby Ready
Active time: 0 (sec)
slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
Interface D2-OUT (118.x.x.x): Normal (Monitored)
Interface INSIDE (10.X.X.1): Normal (Monitored)
Interface DMZ (10.X.X.2): No Link (Not-Monitored)
slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
ASA FirePOWER, 5.4.1-211, Up, (Monitored)
Other host: Primary - Active
Active time: 1743 (sec)
slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
Interface D2-OUT (118.x.x.x): Normal (Monitored)
Interface INSIDE (10.x.x.1): Normal (Monitored)
Interface DMZ (10.x.x.2): Normal (Not-Monitored)
slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
ASA FirePOWER, 5.4.1-211, Up, (Monitored)
primary unit
GigabitEthernet1/1 14.X.X.X YES CONFIG up up
GigabitEthernet1/2 118.X.X.X YES CONFIG up up
GigabitEthernet1/3 10.X.X.2 YES CONFIG up up
GigabitEthernet1/4 10.X.X.1 YES CONFIG up up
This host: Primary - Active
Active time: 1471 (sec)
slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
Interface D2-OUT (118.x.x.x): Normal (Monitored)
Interface INSIDE (10.x.x.1): Normal (Monitored)
Interface DMZ (10.x.x.2): Normal (Not-Monitored)
slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
ASA FirePOWER, 5.4.1-211, Up, (Monitored)
Other host: Secondary - Standby Ready
Active time: 0 (sec)
slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
Interface D1OUT (14.X.X.X): Normal (Not-Monitored)
Interface D2OUT (118.X.X.X): Normal (Monitored)
Interface INSIDE (10.X.X.1): Normal (Monitored)
Interface DMZ (10.X.X2): Normal (Not-Monitored)
slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
ASA FirePOWER, 5.4.1-211, Up, (Monitored)
07-31-2017 10:10 PM
Hi,
The state says link down.
Interface DMZ (10.X.X.2): No Link (Not-Monitored)
You need to check what is the connected to this interface and when you reload what happens on the other device.
If it is triggering failover then you can use the command:
no monitor-interface <>
But first of
It can be as simple as a mismatch in speed/duplex settings.
Regards,
Aditya
Please rate helpful and mark correct answers
07-31-2017 10:17 PM
When we run failover active command traffic is shifting to secondary unit
Connected switch interface is full duplex and speed is 1000 and ASA interface is configured with duplex auto and speed is auto
07-31-2017 10:48 PM
Are you saying the speed and duplex are hard coded on the switch ?
if so you need to have both sides the same and with gigabit it is recommended to set both sides to auto.
07-31-2017 10:52 PM
Hi Jon
We did the hard coded but problem is still there
07-31-2017 10:58 PM
Have you tried both sides as auto ?
08-07-2017 01:31 AM
Hi all
Thanks for your support. issue was solved.
It was really silly mistake from local support team . They didn't put the cable in required port.
Thanks and regards
Manpreet singh
07-31-2017 11:25 PM
Hi,
What is the device connected to ASA?
Do you see any logs/errors on it?
Can you try changing the interface if it is possible on the ASA and test?
Regards,
Aditya
Please rate helpful and mark correct answers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide