Hi,

I have configured the two FW for HA mode, and I am checking " sh Failover " I am unable to understand why it’s showing only two interface in monitoring.  It should show all 4 interface in monitoring. I have highlighted in below configuration.

I am very new for FW, below is my complete FW configuration, I'll appreciate for your help to me, if i am missing anything in my configurations ie. means routing / VLAN ........

TechMFWPRIM# sh fail

Failover On

Failover unit Primary

Failover LAN Interface: HA-SYNC Management0/0 (up)

Unit Poll frequency 1 seconds, holdtime 15 seconds

Interface Poll frequency 5 seconds, holdtime 25 seconds

Interface Policy 1

----------------------------------------------------------

Monitored Interfaces 2 of 110 maximum

----------------------------------------------------------

failover replication http

Version: Ours 8.4(2), Mate 8.4(2)

Last Failover at: 04:10:31 UTC Jun 7 2012

        This host: Primary - Active

                Active time: 21300 (sec)

                slot 0: ASA5510 hw/sw rev (2.0/8.4(2)) status (Up Sys)

                  Interface Outside_Data (172.16.1.2): Normal (Waiting)

-------------------------------------------------------------------------------------------------------------

                  Interface INSIDE (10.28.63.17): Normal (Not-Monitored)

                  Interface CDMZ (10.28.63.33): Normal (Not-Monitored)

-------------------------------------------------------------------------------------------------------------

                  Interface Outside_Voice (172.16.2.2): Normal (Waiting)

                slot 1: empty

        Other host: Secondary - Standby Ready

                Active time: 80510 (sec)

                slot 0: ASA5510 hw/sw rev (2.0/8.4(2)) status (Up Sys)

                  Interface Outside_Data (0.0.0.0): Normal (Waiting)

------------------------------------------------------------------------------------------------------------

                  Interface INSIDE (10.28.63.18): Normal (Not-Monitored)

                  Interface CDMZ (10.28.63.34): Normal (Not-Monitored)

------------------------------------------------------------------------------------------------------------

                  Interface Outside_Voice (0.0.0.0): Normal (Waiting)

                slot 1: empty

Stateful Failover Logical Update Statistics

        Link : Unconfigured.

TechMFWPRIM#

TechMFWPRIM(config)# sh run

: Saved

:

ASA Version 8.4(2)

!

hostname TechMFWPRIM

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface Ethernet0/0

description Outside Airtel_Data

nameif Outside_Data

security-level 0

ip address 172.16.1.2 255.255.255.252

!

interface Ethernet0/1

description Inside Airtel LAN Interface

no nameif

no security-level

no ip address

!

interface Ethernet0/1.102

description Inside Airtel LAN Interface

vlan 102

nameif INSIDE

security-level 100

ip address 10.28.63.17 255.255.255.240 standby 10.28.63.18

!

interface Ethernet0/2

no nameif

no security-level

no ip address

!

interface Ethernet0/2.100

description CDMZ

vlan 100

nameif CDMZ

security-level 50

ip address 10.28.63.33 255.255.255.240 standby 10.28.63.34

!

interface Ethernet0/3

description Outside_Voice

nameif Outside_Voice

security-level 0

ip address 172.16.2.2 255.255.255.252

!

interface Management0/0

description LAN Failover Interface

!

ftp mode passive

pager lines 24

logging asdm informational

mtu Outside_Data 1500

mtu INSIDE 1500

mtu CDMZ 1500

mtu Outside_Voice 1500

failover

failover lan unit primary

failover lan interface HA-SYNC Management0/0

failover replication http

failover interface ip HA-SYNC 192.168.3.1 255.255.255.0 standby 192.168.3.2

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

route Outside_Data 0.0.0.0 0.0.0.0 172.16.1.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

user-identity default-domain LOCAL

http server enable

http 10.28.0.0 255.255.255.240 INSIDE

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet 0.0.0.0 0.0.0.0 INSIDE

telnet timeout 5

ssh timeout 5

console timeout 0

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

webvpn

username TIMFW password c.6Nu5hdpSeNFjvS encrypted

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

  message-length maximum client auto

  message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny

  inspect sunrpc

  inspect xdmcp

  inspect sip

  inspect netbios

  inspect tftp

  inspect ip-options

  inspect icmp

!

service-policy global_policy global

prompt hostname context

no call-home reporting anonymous

Cryptochecksum:39242421493f5e1e7e9039247fa4ac00

: end

Reg

Sanjeev