Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
263
Views
0
Helpful
1
Replies

Failover

Go to solution
rakeshsharma3000
Level 1
Level 1

‎07-14-2004 06:49 AM - edited ‎03-09-2019 08:03 AM

I have my LAN failover setup working fine. As far I have understoof "failover reset" command, it helps in handing the control back to default setting of failover. That means, the PIX defined as primary unit will take control as Active one. I have tried this command on my secondary pix when secondary is acting as Active one. But it doesnt handover the control to primary one. Any ideas.

Is this command applicable only for serial failover. Just a wild guess

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎07-14-2004 03:56 PM

It doesn't force control back to the primary unit. What it does is force both units into an "unfailed" state, but control doesn't change. What I mean by that is let's say you have a failure of one unit, the other unit will detect that failure and mark the other unit as dead. When that unit comes back up, it's best to do a "failover reset" to mark the new unit as up (it's not completely necessary cause usually the PIX's are able to figure it out by themselves).

The units don't fail back to the primary simply because there's no need to. Since both units are the same hardware, you can run just as well on the secondary as you can the primary.

The failover command reference is here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1029143

View solution in original post

0 Helpful
1 Reply 1

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎07-14-2004 03:56 PM

It doesn't force control back to the primary unit. What it does is force both units into an "unfailed" state, but control doesn't change. What I mean by that is let's say you have a failure of one unit, the other unit will detect that failure and mark the other unit as dead. When that unit comes back up, it's best to do a "failover reset" to mark the new unit as up (it's not completely necessary cause usually the PIX's are able to figure it out by themselves).

The units don't fail back to the primary simply because there's no need to. Since both units are the same hardware, you can run just as well on the secondary as you can the primary.

The failover command reference is here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1029143

0 Helpful
Customers Also Viewed These Support Documents