Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1246
Views
0
Helpful
2
Replies

FWSM Failover Host Secondary is Active and Primary is Damage

vironet
Level 1
Level 1

‎08-11-2010 05:19 PM - edited ‎03-11-2019 11:24 AM

Hi.

I have a couple of FWSM Version 2.3 (4) in failover Active/standby, a few years ago when our service provider make an upgrade change the failover role and our Primary change to secondary, but something happend that we promoted the secondary as an active, today i notice that my Primary (standby) fail i can´t access for any way, i don´t see any choices just reset the FWSM, but:

  1. What happend when the primary finished to boot, it is going to take the control and be the Active
  2. I don´t know the difference between the configuration files, because i don´t know how long the FWSM is down
  3. What cai i do to keep the current configuration, without affect all the contexts

This is the configuration and the sh fail

!

failover
failover lan unit secondary
failover lan interface fover_lnk vlan 499
failover polltime unit 1 holdtime 15
failover polltime interface 15
failover interface-policy 1
failover link fover_lnk vlan 499
failover interface ip fover_lnk 172.16.0.1 255.255.255.252 standby 172.16.0.2
arp timeout 14400

idcfw1-mty1# sh fail
Failover On
Failover unit Secondary
Failover LAN Interface fover_lnk Vlan 499
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 15 seconds
Interface Policy 1
Monitored Interfaces 50 of 250 maximum
Config sync: active
Last Failover at: 06:12:23 Nov 19 2008

        This host: Secondary - Active
                Active time: 54504950 (sec)
                sorteotec Interface inside202 (192.168.100.2): Normal (Waiting)
                sorteotec Interface outside103 (201.131.109.12): Normal (Waiting)


        Other host: Primary - Failed
                Active time: 42702 (sec)
                sorteotec Interface inside202 (192.168.100.1): Normal
                sorteotec Interface outside103 (201.131.109.13): Normal

Labels:
0 Helpful
2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

‎08-11-2010 06:49 PM

Since the secondary is active presently, once you reboot the primary it will come back up and detect an active mate and it will become standby.

What ever config that you have on the secondary/active will be sent over to the primary once it comes back up as standby.

Before reloading the failed primary, session into itb from the switch and see what is going on with it.

-KS

0 Helpful

vironet
Level 1
Level 1
In response to Kureli Sankar

‎08-12-2010 08:02 AM

Thanks KS, Now i feel safe when i reset the FWSM, i let you know what happen.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card