failover exec does not work in context
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-07-2010 11:09 PM - edited 03-11-2019 11:36 AM
Hi,
asa01/admin# failover exec active show version
Command authorization failed
asa01/admin#
When I type this command from any other context it works fine. TACACS is defined in the admin context.
I am having issues in connecting with the second ASA FW.
Before I did a failover, i was able to connect to the active one but not the standby.
After i did a failover, I am able to connect to the standby (Was the active) and not the active (Was the old standby). So basically I cant connect to the second box. The failover is working fine.
- Labels:
-
NGFW Firewalls

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2010 06:03 AM
Hello,
What does the output of 'show failover' show for both units? Also, what does the topology look like between your client and both ASAs when trying to connect?
-Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2010 08:41 AM
Can you check if you can reach the standby unit? For example can you ping it?
For the command authorization please check if TACACS allows the command you are trying to push. Or for example, if you don't authorize against TACACS and you use the local DB, does the command work?
I hope it helps.
PK
