cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
567
Views
5
Helpful
3
Replies

Unable to remove sub interface and interfaces don't match across Primary ASA and failover

Gerard Roy
Level 2
Level 2

Hello,
I am trying to remove a sub interface. Here is the error I receive.

prod/pri/act(config)# no interface GigabitEthernet 0/6.2
ERROR: Remove failover mac address configured on this interface first
ERROR: Remove failover mac address configured on this interface first

It is the sub interface so I assume the the mac from the physical Gig 0/6 interface? If I remove this, will it cause the ASA to failover?

failover mac address GigabitEthernet0/6 006b.f1f9.e853 d48c.b5c2.6157

Also, notice interface Gig 0/6 and Gig 0/6.1 do not show up in the "Current IP Addresses" for the Secondary ASA. How do I correct this?
Interfaces-No-Match.jpg

 

Thanks in Advance!

3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

The output not show what MAC Address it corresponding to, some configurations is done using a virtual MAC address in this case that will be an advantage,.

 

Try shutdown the interface saves the config to replicate both the ASA and try to remove if that works?

 

Note: make sure you take the backup of the config always out of the box for a safe approach, If the production environment does some commands in the maintenance window to minimizes the business impact.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello

Make sure those inferfaces dont relate to any HA failover connection and then one youve shut them down and deleted them, usualy a reboot would clear them from the the FW


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

amikat
Level 7
Level 7

Hi,

You may be hitting the CSCvo58030 bug - please check. The suggested workaround listed with the bug description is as per beneath:

+ remove failover MAC from physical interface
+ delete subinterface
+ revert failover MAC on physical interface

Best regards,

Antonin

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco