cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
492
Views
0
Helpful
7
Replies

faileover issue

Not applicable


WE Getting issue on int(GigabitEthernet1/4) state down. when we do fail-over and reboot the standby unit ,the down interface get up but other
ASA int (GigabitEthernet1/4) goes down after reboot the ASA.
kindly suggest what is the issue


standby unit


Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet1/1         14.x.x.x  YES CONFIG up                    up
GigabitEthernet1/2         118.x.x.x  YES CONFIG up                    up
GigabitEthernet1/3         10.x.x.x    YES CONFIG up                    up
GigabitEthernet1/4         10.x.x.x    YES CONFIG down                  down
     



 This host: Secondary - Standby Ready
                Active time: 0 (sec)
                slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
                  Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
                  Interface D2-OUT (118.x.x.x): Normal (Monitored)
                  Interface INSIDE (10.X.X.1): Normal (Monitored)
                  Interface DMZ (10.X.X.2): No Link (Not-Monitored)
                slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
                  ASA FirePOWER, 5.4.1-211, Up, (Monitored)
        Other host: Primary - Active
                Active time: 1743 (sec)
                slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
                  Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
                  Interface D2-OUT (118.x.x.x): Normal (Monitored)
                  Interface INSIDE (10.x.x.1): Normal (Monitored)
                  Interface DMZ (10.x.x.2): Normal (Not-Monitored)
                slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
                  ASA FirePOWER, 5.4.1-211, Up, (Monitored)


primary unit


GigabitEthernet1/1         14.X.X.X  YES CONFIG up                    up
GigabitEthernet1/2         118.X.X.X  YES CONFIG up                    up
GigabitEthernet1/3         10.X.X.2    YES CONFIG up                    up
GigabitEthernet1/4         10.X.X.1     YES CONFIG up                    up




 This host: Primary - Active
                Active time: 1471 (sec)
                slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
                  Interface D1-OUT (14.x.x.x): Normal (Not-Monitored)
                  Interface D2-OUT (118.x.x.x): Normal (Monitored)
                  Interface INSIDE (10.x.x.1): Normal (Monitored)
                  Interface DMZ (10.x.x.2): Normal (Not-Monitored)
                slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
                  ASA FirePOWER, 5.4.1-211, Up, (Monitored)
        Other host: Secondary - Standby Ready
                Active time: 0 (sec)
                slot 1: ASA5516 hw/sw rev (1.0/9.6(1)) status (Up Sys)
                  Interface D1OUT (14.X.X.X): Normal (Not-Monitored)
                  Interface D2OUT (118.X.X.X): Normal (Monitored)
                  Interface INSIDE (10.X.X.1): Normal (Monitored)
                  Interface DMZ (10.X.X2): Normal (Not-Monitored)
                slot 2: SFR5516 hw/sw rev (N/A/5.4.1-211) status (Up/Up)
                  ASA FirePOWER, 5.4.1-211, Up, (Monitored)

7 Replies 7

Aditya Ganjoo
Cisco Employee
Cisco Employee

Hi,

The state says link down.

Interface DMZ (10.X.X.2): No Link (Not-Monitored)

You need to check what is the connected to this interface and when you reload what happens on the other device.

If it is triggering failover then you can use the command:

no monitor-interface <>

But first of all check what happens on the connected device.

It can be as simple as a mismatch in speed/duplex settings.

Regards,

Aditya

Please rate helpful and mark correct answers

When we run failover active command traffic is shifting to secondary unit

Connected switch interface is full duplex and speed is 1000 and ASA interface is configured with duplex auto and speed is auto

Are you saying the speed and duplex are hard coded on the switch ?

if so you need to have both sides the same and with gigabit it is recommended to set both sides to auto.  

Hi Jon 

We did the hard coded but problem is still there 

Have you tried both sides as auto ?

Hi all

Thanks for your support. issue was solved.

It was really silly mistake from local support team . They didn't put the cable in required port. 

Thanks and regards

Manpreet singh

Hi,

What is the device connected to ASA?

Do you see any logs/errors on it?

Can you try changing the interface if it is possible on the ASA and test?

Regards,

Aditya

Please rate helpful and mark correct answers

Review Cisco Networking for a $25 gift card