Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4576
Views
15
Helpful
3
Replies

Verify which ASA is which in a Active/Standby setup if both have same hostname.

CiscoBrownBelt
Level 6
Level 6

‎02-27-2019 12:58 PM - edited ‎02-21-2020 08:52 AM

If you have a pair of ASA in HA (Active/Standby) and both still share the same hostname, how can I tell which is actually which meaning if let's say one ASA went down so traffic failed over to the other one, how can I tell which was originally the active device if show failover history is not showing any failovers that may have happened long ago. Is there another command to run?

 

Need to know so I can make out which would be which on a drawing without having to go and actually look at SN#s on the chassis, etc.

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Sheraz.Salim
VIP
VIP

‎02-27-2019 02:51 PM

you need to issue this command.

 

asa(config)# prompt hostname context priority state

and if you not running the context in firewalls than

asa(config)# prompt hostname priority state

 this command will show your on both firewall who is active and which unit is passive

 

please do not forget to rate.

CiscoBrownBelt
Level 6
Level 6
In response to Sheraz.Salim

‎02-28-2019 02:28 PM

Hi Ok great. Yes that command was not issued so each FW has same name.

 

Yes I can also see via show failover, but the thing is if the primary fails, then the standby is now primary. If you just have  a drawing depicting primary and secondary firewalls, in actuality the firewall position in the drawing could be reversed if there was a failover - am I making sense at all as I know I may be sounding a bit confusing.

0 Helpful

Sheraz.Salim
VIP
VIP
In response to CiscoBrownBelt

‎02-28-2019 02:39 PM

one of your box is configured as primary and other is configured is secondary

some thing like this

 

!

ASA1

!

failover lan unit prim

------------

ASA2

!

failover lan unit sec

=======================

now let say for unseen reason your secondary ASA become the active ASA and now you want the primary ASA to be active in that case you have to issue a command on the primary ASA

!

failover active

!

this command will make the ASA as active ASA.

 

or if as said secondary is Acitve ASA and you want to primary to be active you can do it the other way

!

asa#config t  failover exec mate active

 

please do not forget to rate.
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card