Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
798
Views
0
Helpful
1
Replies

Failover tracking interfaces show Unknown (Waiting)

donald.cook
Level 1
Level 1

‎02-18-2014 12:44 PM - edited ‎03-11-2019 08:47 PM

On our ASA 5545 Cluster, Software Version 9.1(4), the Failover Tracking Interfaces show Unknown (Waiting).  When the ethernet cable is pulled on one of the tracking interfaces of the active ASA, failover does not happen.

ASA1# sh failover

Failover On

Failover unit Primary

Failover LAN Interface: failover GigabitEthernet0/7 (up)

Unit Poll frequency 1 seconds, holdtime 15 seconds

Interface Poll frequency 5 seconds, holdtime 25 seconds

Interface Policy 1

Monitored Interfaces 2 of 316 maximum

Version: Ours 9.1(4), Mate 9.1(4)

Last Failover at: 08:00:46 UTC Feb 18 2014

        This host: Primary - Active

                Active time: 10847 (sec)

                slot 0: ASA5545 hw/sw rev (1.0/9.1(4)) status (Up Sys)

                  Interface outside (83.236.222.116): Unknown (Waiting)

                  Interface inside (172.17.220.130): Unknown (Waiting)

                  Interface management (0.0.0.0): Link Down (Not-Monitored)

        Other host: Secondary - Standby Ready

                Active time: 448 (sec)

                slot 0: ASA5545 hw/sw rev (1.0/9.1(4)) status (Up Sys)

                  Interface outside (0.0.0.0): Unknown (Waiting)

                  Interface inside (0.0.0.0): Unknown (Waiting)

                  Interface management (0.0.0.0): Link Down (Not-Monitored)

Stateful Failover Logical Update Statistics

        Link : statelink GigabitEthernet0/6 (up)

        Stateful Obj    xmit       xerr       rcv        rerr

        General         5027       0          1536       75

        sys cmd         1469       0          1469       0

        up time         0          0          0          0

        RPC services    0          0          0          0

        TCP conn        40         0          0          0

        UDP conn        3318       0          61         75

        ARP tbl         189        0          3          0

        Xlate_Timeout   0          0          0          0

        IPv6 ND tbl     0          0          0          0

        VPN IKEv1 SA    1          0          1          0

        VPN IKEv1 P2    10         0          1          0

        VPN IKEv2 SA    0          0          0          0

        VPN IKEv2 P2    0          0          0          0

        VPN CTCP upd    0          0          0          0

        VPN SDI upd     0          0          0          0

        VPN DHCP upd    0          0          0          0

        SIP Session     0          0          0          0

        Route Session   0          0          0          0

        User-Identity   0          0          1          0

        CTS SGTNAME     0          0          0          0

        CTS PAC         0          0          0          0

        TrustSec-SXP    0          0          0          0

        IPv6 Route      0          0          0          0

        Logical Update Queue Information

                        Cur     Max     Total

        Recv Q:         0       17      12731

        Xmit Q:         0       2       13147

1 person had this problem
Labels:
0 Helpful
1 Reply 1

donald.cook
Level 1
Level 1

‎02-18-2014 02:16 PM

It was pointed out to me by David White in a different thread:

You are missing the "Standby IPs" on each interface.  This is required for Failover interface monitoring.  Once you assign Standby IPs, the "show failover" output will display them on the Standby unit, and the interfaces will transition from "Waiting" to "Normal".

This was the problem.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card