cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
318
Views
0
Helpful
3
Replies

Activation keys and failover operation

mlabuguen
Level 1
Level 1

Hello,

Before you even start connecting two PIXs together for failover operation, i was told that the activation key is what distinguishes a primary pix from a secondary. Is this true? Aren't firewalls independent from each other meaning that a firewall can either serve as primary or secondary?

If the above statement is true, then the failover cable needs to strictly be connected where the Primary end connects to the Primary enabled PIX and the secondary connects to the Secondary enabled PIX.

If PIX FW's are strictly tagged as Primary or Secondary based on their Activation Key, how can we tell the difference? Is there any show command that display the characteristic of the PIX FW?

Thanks for your help!

3 Replies 3

jmia
Level 7
Level 7

Hello Marvin,

I beleive you are talking about PIX Failover licence, here's a quick explanation -

The failover licence is necessary if you wish to connect two PIXs together and perform either non-stateful or stateful failover. If you do not currently have a licence for failover, and wish to add it for your PIXs, it is a simple matter of paying Cisco the necessary money, and Cisco will then give you a key that you can use to unlock the failover feature.

A limited licence is typically indicated by the letter ‘R’ in the software licence. A limited licence indicates that you have not purchased all the features for you PIX. However, if your licence is indicated by the letters ‘UR’, this indicates that you have an unrestricted licence and thus have access to ALL of the features of your PIX, such as, Encryption, Failover, and Connections.

Hope this helps -

jmia
Level 7
Level 7