Sounds to me like Statefull Failover is not in use? I mean that the Active firewall is not passing the connection state information to the Standby firewall so it will have all the up to date information about the connections on the Active unit.
You can always log into the Standby unit and issue the "show conn" command and see if there are any connections listed on that unit, IF not then the unit is not received the state information and when the Failover happens every connection formed through the Active ASA has to be formed again by the users/servers.
You can always share your Failover configuration. You can use the command "show run failover" on both ASAs to list the Failover configuration.
It seems to suggest somekind of problem between the ASA firewalls as the "comm failure" is listed.
What does the "show failover" command show?
Have you checked both the GigabitEthernet0/2 and GigabitEthernet0/3 links on both units and the network between the ASA units through those interfaces? I think you should go through those interfaces and the network segment between the ASAs and confirm that there is a working Failover/Statefull link between the ASAs.
Did you log into the Standby ASA and check the output of "show conn". If you got connections active through the Active ASA and the Standby ASA does not have anything in its connection table then you have a problem with the Failover setup.
Community Live Event Video
Are you ready to level up your security? Learn more about how Cisco SecureX can help you simplify your security and maximize operational efficiency.
This event talks about Cisco SecureX, its benefits, features, and usage. Th...
Hi all,I cannot understand why is something working very well they create a way to complicate things in Cisco ASA OS. I have a rule :object network LOCAL_ADRESS1 host 192.168.20.12 nat (VLAN20,outside) source static LOCAL_ADRESS1 interface&...
It is our pleasure to officially announce the finalists in the 2021 IT Blog Awards. We are now looking to our amazing tech community to check out the amazing line up of bloggers, vloggers and podcasters. Make sure to vote for your favorites...
Community Live Event Slides
This event talks about Cisco SecureX, its benefits, features, and usage. The session includes sample use cases and live demonstrations.
Cisco expert Luis Silva talks about how this solution can integrate Cisco technology and ...
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4....