Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
235
Views
0
Helpful
1
Replies

PIX515E powercycle to re-establish connection

cameyp
Level 1
Level 1

‎06-03-2004 02:20 PM - edited ‎03-09-2019 07:37 AM

We have two PIX515E failover firewalls. When our service provider loses connection for whatever the reason we do not resume connection on our outbound port once their problem is resolved. We have to actually powercylce the firewall to restore the connectivity. This seems like a setting somewhere. Any ideas?

Thanks, Camey

Labels:
0 Helpful
1 Reply 1

ehirsel
Level 6
Level 6

‎06-04-2004 07:09 AM

How are you connecting to your provider? Does your pix firewalls direct connect to their switch?

It sounds like a failover issue, where both pix units think that they are acive, or none one does.

Usually you can tell by looking at one of the LEDs at each pix (I think it is the one labeled ACT).

If your pix connects direct to the provider switch and that switch is a layer 3 device too, ask if rapid span-tree is not enabled on the pix ports. Cisco recommends that the portfast (a cisco feature of rapid spantree before it became an IETF satndard)feature be configured for pix conns on cat switches.

I am thinking that span tree waiting 30-90 seconds to allow the pix ports to forward traffic may be the cause of the invalid active/standby state or make the problem worse.

Let me know what you find.

0 Helpful
Customers Also Viewed These Support Documents