Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
929
Views
0
Helpful
1
Replies

reason for firewall failover

kunal-united
Level 1
Level 1

‎12-21-2011 09:23 AM - edited ‎03-11-2019 03:04 PM

Hi,

Below are the logs. Please do let me know what causes the firewall to fail from primary firewall to secondary firewall.

Pix logs

08/11/2007 17:12:06 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105036: (Secondary) LAN failover dropped a cmd msg: FREQARP, seq = 871125

08/11/2007 17:12:06 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105036: (Secondary) LAN failover dropped a cmd msg: FHELLO, seq = 871126

08/11/2007 17:12:06 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105036: (Secondary) LAN failover dropped a cmd msg: FTRAFFIC, seq = 871127

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 0 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 1 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 2 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 3 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 4 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-105003: (Secondary) Monitoring on interface 5 waiting

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-104001: (Secondary) Switching to ACTIVE - no response from mate.

08/11/2007 17:12:05 Local4 Alert 192.168.1.1 Nov 08 2011 17:06:14 pix-firewall : %PIX-1-103001: (Secondary) No response from other firewall (reason code = 1).

Thanks

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎12-21-2011 09:33 AM

Hello Kunal,

As we can see on the logs the Secondary device is monitoring all interfaces and he is not receiving any hello packets that is why we see the interface on waiting state, this caused failover to happen.

If a Pix/Asa does not receive hello packets on the interfaces being monitored he will think his mate is dead so he will become active.

Hope this helps! if not let me know and I will do my best to help you on this

Please rate helpful posts.

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card