
FTD HA Issues

taro75
Level 1

I have FTD2110 in HA as active standby pair using FDM. I am testing HA with failure scenarios, cable failure works perfectly fine. Now I rebooted active firewall (FW-A), standby firewall (FW-B) took over.

FW-A reboot took almost 25 minutes, still never assumed standby firewall role, on active firewall it shows HA pair as failed.

Now again I rebooted FW-A from CLI, took 30 minutes and now became standby.

Is it normal for it to take 30 minutes to reboot? Are there any known issues with HA pair?

1 Accepted Solution

Accepted Solutions

AViftrup
Level 1

I would say 30 minutes is on the high end, but at the same time you're also running the local FDM, which puts more services to come alive.

It is not abnormal for an FPR2100-series FTD to take about 15-20 minutes for a reload. It might even take longer if power has been uninterrupted and database checks are happening at boot.

Which version are you running?


6 Replies

taro75
Level 1

I am using cisco-ftd-fp2k.7.0.5-72.

I suggest either getting on the 7.0.6 or 7.2.5 train (mainly the latest I suggest)

This could help boot times but also the HA issue you're experiencing.

There are two issues here:

1- When FTD-A is rebooted, it is not elected as active again?

2- The FTD needs a long time to reboot?

Am I correct?

taro75
Level 1

When FTD-A is rebooted, FTD-B becomes active. After booting, FTD-A never becomes standby; I had to reboot it again from the console.

What does show failover and show failover history say in that scenario? Did you test this?
