cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1033
Views
0
Helpful
1
Replies

Transparent firewall with failover with multiple contexts

p21
Beginner
Beginner

                   I am running 8.4(2) on ASA5585s. They are in mulitble context mode and set to transparent firewall with active/active failover. When I do a sh failover in a context I see 2 of my interfaces are (waiting). I have a BVI and these are the ip addresses on the interfaces in he "sh failover" below.

Failover On

Last Failover at: 11:54:39 GMT/IST Feb 23 2012

        This context: Standby Ready

                Active time: 175394 (sec)

                  Interface ctxb-inside (x.x.x.165): Normal (Waiting)

                  Interface ctxb-outside (x.x.x.165): Normal (Monitored)

        Peer context: Active

                Active time: 11390663 (sec)

                  Interface ctxb-inside (x.x.x.164): Normal (Monitored)

                  Interface ctxb-outside (x.x.x.164): Normal (Waiting)

Why are the interfaces in (waiting)?

1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

Are you able to ping between the interfaces? ie: can you ping x.x.x.165 from x.x.x.164 and visa versa? If you are not able to ping it, that means there is no connectivity between the 2, hence the status is in Normal (Waiting) because it has not received the hello packet on that corresponding interface.

Here is the reference guide FYI:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s3.html#wp1505709

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers