I have a pair of 515e firewalls setup for failvoer and a serial failover cable between. When the primary has a failure the secondary takes over, when the primary comes back to a normal state the secondary continues active. Should the primary not "preempt" the secondary and become active because of the special cable joining the two?
When the failover takes place - the secondary becomes the primary firewall logically. Physcially the primary is the failover until the secondary fails or you force failover:-
failover active - on the Physical Primary firewall.
...according to Cisco documentation the process of restoring a failed unit is manual, meaning that a command must be entered to allow the physical primary to become active again...
In my experiance that command only "resets" the failover state from failed - i.e when 2 units try to sync the config and establish failover communications and have failed previously.
This may have changed.......
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
