10-26-2017 07:35 AM - edited 02-21-2020 09:25 PM
Occasionally I would find that changes I knew I had made to clientless SSL VPN smart tunnels were no longer working. When I would look on the ASA I would find that my changes were no longer listed in the running config. This was infrequent enough that I wasn't 100% sure I originally made the changes until today when a relatively recent change disappeared. Testing showed that changes I made on the primary ASA in a failover pair to smart tunnel network list (in this case adding additional IPs for users to access) were not automatically saved to the running config on the standby unit. So anytime a failover occurred any changes made to smart tunnels would revert back to what was on the secondary. When I forced saved to standby the updates appeared.
I am not sure if this is a bug related to our recent update to ASA 9.6(3)1/ASDM 7.8(1) or if it has been going on longer. Anyone else experience this or have any ideas? It's an easy work around but am pretty sure it used to work automatically to synch up the running configs on applying the commands on the primary ASA to the standby. ASAs are 2: 5545X
10-26-2017 05:40 PM
10-27-2017 07:11 AM
thanks,
Checking the failover status everything appears ok. The primary is the active ASA as normal.
Checking the Cisco site, the ASAs are already running the latest recommended release version for 9.6 series.
10-27-2017 07:31 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide