How to send a command to Standby Peer from Active ASA Firewall.

MSJ1
Level 1

I am not able to log in to my Standby Firewall as SSH is broken now, and I need to run this command on the Standby ASA. I have access to the Standby ASA through ASDM, but if I run this command from the GUI it does not get executed and shows the message below.

How can I run the crypto command below from the Active ASA for the peer Standby ASA?


crypto key generate rsa modulus 2048

Result of the command: "crypto key generate rsa modulus 4096"

WARNING: You have a RSA keypair already defined named <Default-RSA-Key>.

Do you really want to replace them? [yes/no]:
% Please answer 'yes' or 'no'.
Do you really want to replace them? [yes/no]:
% Please answer 'yes' or 'no'.
Do you really want to replace them? [yes/no]:
% ERROR: Timed out waiting for a response.
ERROR: Failed to create new RSA keys named <Default-RSA-Key>


balaji.bandi
Hall of Fame

Not sure what you mean by RSA key broken? You cannot configure anything on the standby unit; that is not good practice and will break the whole system. Instead, you can send an ASA command to the standby via the Primary using "failover exec".

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

@balaji.bandi

Actually I meant SSH is broken.

So from the Primary, the command will be like below?

failover exec crypto key generate rsa modulus 4096

or

failover exec mate crypto key generate rsa modulus 4096

Always take a backup before you do any modifications, and yes, that is the correct syntax to use from Primary to Secondary.

Before issuing it, make sure to check the failover status.


BB

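
An added example, not part of the original thread or of any poster's reply: the sequence discussed above as it would be typed on the active unit. The `noconfirm` keyword is an addition that the thread does not mention; a command sent with `failover exec` has no way to answer the "Do you really want to replace them?" prompt that timed out in the question, so the confirmation has to be suppressed on the command line.

```cisco
! Run from the active unit in privileged EXEC mode.

! 1. Check the failover status first: this unit should be Active
!    and the peer should be Standby Ready.
show failover state

! 2. Record the key pair currently present on the standby.
failover exec mate show crypto key mypubkey rsa

! 3. Regenerate the default RSA key pair on the standby.
!    noconfirm skips the yes/no replacement prompt.
failover exec mate crypto key generate rsa modulus 4096 noconfirm

! 4. Confirm the standby now holds the new key pair.
failover exec mate show crypto key mypubkey rsa
```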