Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
751
Views
0
Helpful
6
Replies

Stateful Failover Does Not Work

sataylo
Level 1
Level 1

‎12-29-2001 05:28 AM - edited ‎03-08-2019 09:29 PM

Hello,

Could someone help me...

I configured my pix to be stateful failover;however,

the primary failed twice. The secondary was active; however, all the communications failed.

I checked all my link cable and everything...

I open a case with TAC for two days; no help me or call me back. Everytime, I called TAC they requeue my case. Please Help !

Thank U.

Labels:
0 Helpful
6 Replies 6

sampathsr
Level 1
Level 1

‎01-04-2002 09:44 AM

Hope you have taken care of the following:

1. You have to dedicate one interface from each of the firewall (other than inside and outside interfaces) for the failover.

They have to be connected using a cross-over cable (suggested) or through a switch (in this case ensure both the ports are in the same VLAN).

2. Every interface has to be assigned an IP address, even if some of them are not being used and are `shutdown'.

Hope this helps.

0 Helpful

sataylo
Level 1
Level 1
In response to sampathsr

‎01-07-2002 01:50 PM

Thanks.

I did exactly what you suggested...

interface is not sutdown.

Thank u.

0 Helpful

mhohstadt
Level 1
Level 1

‎01-04-2002 09:58 AM

What version are your PIX's running?

How are the outside/inside interfaces connected? To a switch? Have you verified the switch's configuration?

0 Helpful

sataylo
Level 1
Level 1
In response to mhohstadt

‎01-07-2002 01:41 PM

Thank you very much for support...

Pix 525 with 6.0(1). I have configured pix to be stateful failover. I also dedicated one interface for failover with cross-cable. It failover three times; everytime, I have to force the secondary to be active by using command "failover active".

Now I configure as normal failover; it works ok.

I deleted the stateful failover link... An cisco Tac engineer called and he said "Maybe 6.0(1) has a bug... Who know ?

To answer your question: each interface connected to one switch with defference vlan.

Thank u.

0 Helpful

thompson
Level 1
Level 1

‎01-06-2002 09:01 AM

Also, connect any interfaces to the counterpart PIX with a cross-over. Make sure you address them on the same network. (i.e. PIX1 interface 3 192.168.1.1/24, PIX2 interface 3 192.168.1.2/24

0 Helpful

sataylo
Level 1
Level 1
In response to thompson

‎01-07-2002 01:43 PM

Thank U.

I have interface number 5 with IP 10.200.200.1 on primary and 10.200.200.2 on secondary.

I sent my configuration to TAC engineer; he said it 's correct.

Thank u.

0 Helpful
Customers Also Viewed These Support Documents