
Software code 8.0.4 for ASA 5520

troyngamyunyong
Level 1

Hello All,

I'm fairly new to the ASA world. I have a pair of ASA 5520s in active/standby failover running version 8.0(4). I'm not sure if the issues that I'm facing are related to this software code, but here are the issues:

* CIFS access on the clientless SSL VPN (resolved by upgrading to 8.0(4)12).

* unable to SSH into the ASA when VPN'd in (TAC case opened)

* in the last 3 weeks the ASA has failed over to the standby unit 3 times and I did not see any kind of failure in the syslogs (working with TAC)

Please let me know if anyone has run into this issue or has any suggestions.

regards,

1 Reply

JORGE RODRIGUEZ
Level 10

*unable to SSH into the ASA when VPN in

Hi Troy,

You need management-access name_if

where name_if is your management interface, if you have it defined as management-only. This statement is needed to manage the ASA over IPsec connections.

Otherwise, the most commonly used form is below, if no management interface is defined:

management-access inside

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122

*in the last 3 weeks ASA had failover to standby unit 3 times and did not see any kind of failure in the syslogs

1- There must be some type of information somewhere. Look at your firewalls' uptime, i.e. show version will provide their uptime, to rule out that a firewall had reloaded.

2- Look at your firewalls' flash disks for any crash info files, if any.

3- Look at the logs of your downstream and upstream switches, as well as the switchports where the ASA 5520 interfaces connect, to rule out switchport disconnection or switch issues.

4- Observe the patterns when the instances of failover occurred. Did this just happen randomly? This is to rule out any particular process that may have triggered failover. However, when the failover is issued you should have been able to get some logs from the active firewall, or at least a local console to the failed firewall to see logs.

Strange, no logs :)

5- Lastly, double check that your firewalls' running code versions are the same. Perhaps posting the failover configuration will also help to rule out a fault in the configuration.

Regards

Jorge Rodriguez
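
An added example, not part of the original thread and not Cisco tooling: a small Python check over a saved running-config that flags the missing management-access statement discussed in the reply above. It goes one step beyond the reply and also checks that the VPN address pool is covered by an ssh permit on that interface. The sample config, pool name and addresses are constructed, and the script assumes VPN clients are addressed from an ip local pool and that SSH is restricted with ssh <network> <mask> <interface> lines.

```python
import ipaddress
import re

# Constructed sample running-config fragment (not taken from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0
!
ip local pool VPNPOOL 10.9.9.10-10.9.9.50 mask 255.255.255.0
ssh 10.1.1.0 255.255.255.0 inside
ssh timeout 5
"""


def audit_vpn_ssh(config):
    """Return findings that would block SSH to the ASA from a VPN client."""
    findings = []
    nameifs = set(re.findall(r"^\s*nameif (\S+)", config, re.M))
    mgmt = re.search(r"^management-access (\S+)", config, re.M)
    if not mgmt:
        return ["no management-access statement"]
    ifname = mgmt.group(1)
    if ifname not in nameifs:
        findings.append(f"management-access names unknown interface {ifname}")
    # Networks permitted by "ssh <network> <mask> <interface>" on that interface.
    # Lines such as "ssh timeout 5" do not start with a digit and are skipped.
    allowed = [
        ipaddress.ip_network(f"{net}/{mask}", strict=False)
        for net, mask, iface in re.findall(
            r"^ssh (\d\S+) (\d\S+) (\S+)", config, re.M)
        if iface == ifname
    ]
    # Both ends of every VPN pool must fall inside a permitted network.
    for name, first, last in re.findall(
            r"^ip local pool (\S+) ([\d.]+)-([\d.]+)", config, re.M):
        for addr in (first, last):
            if not any(ipaddress.ip_address(addr) in n for n in allowed):
                findings.append(
                    f"pool {name} address {addr} not permitted by ssh on {ifname}")
    return findings


if __name__ == "__main__":
    for finding in audit_vpn_ssh(SAMPLE_CONFIG):
        print(finding)
```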