05-03-2010 08:55 AM - edited 03-11-2019 10:40 AM
Hello
I have 2 asa 5550's v8.2 in an active/standby config, our secondary failed and we have a new RMA unit from cisco. After MUCH stress from tac getting the right feature set on it I am taking another stab tomorrow morning using the following procedure.
Commands on primary
failover (is currently disabled)
Commands on secodary
failover lan interface fail g1/0
failover interface ip fail 192.168.25.2 255.255.255.248 standby 192.168.25.2
int g1/0 no shut
failover lan unit secondary
failover
copy run start
Question, in v8.2 do I need to run a "write standby"?
Going off of http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_active_standby.html#wp1107287 I dont see a write standby in there as part of the secondary procedure.
Also, if this is a production firewall will this disrupt traffic on the primary unit even if the intention is the primary will stay the primary?
thanks
e-
05-03-2010 09:02 AM
Hi,
The ''write standby'' is only if you manually want to synchronize the active configuration to the standby unit. It is not mandatory.
Federico.
05-03-2010 12:24 PM
Also, if this is a production firewall will this disrupt traffic on the primary unit even if the intention is the primary will stay the primary?
No it should not affect the primary firewall even if you issue a write standby altho as Federico says you don't actually need to. As always if possible do this out of core production hours.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide