PIX Lan Failover problem

From:
Date: 11/13/02 

Date: 12 Nov 2002 17:56:33 -0800

Hi, I am config the PIX 525 with LAN failover function.  The OS is
6.21 with UR license.  However, even I typed Failover LAN unit
primary, the PIX still recongnized itself as Secondary not Primary...
following is the configuration

....
ip address outside 10.61.89.209 255.255.255.240
ip address inside 10.61.89.135 255.255.255.240
ip address dmz 192.168.20.7 255.255.255.0
ip address passthru 192.168.10.2 255.255.255.0
ip address fo 192.168.1.1 255.255.255.0
ip address stateful-fo 172.16.1.1 255.255.255.0
.....
failover timeout 0:00:00
failover poll 15
failover ip address outside 10.61.89.216
failover ip address inside 10.61.89.140
failover ip address dmz 192.168.20.17
failover ip address passthru 192.168.10.12
failover ip address fo 192.168.1.11
failover ip address stateful-fo 172.16.1.11
failover link stateful-fo
failover lan unit primary
failover lan interface fo
failover lan key ******
failover lan enable
failover

When I type sh failover, it displays

Failover On
Cable status: My side not connected
Reconnect timeout 0:00:00
Poll frequency 15 seconds
        This host: Secondary - Active
                Active time: 45 (sec)
                Interface stateful-fo (172.16.1.1): Normal (Waiting)
                Interface fo (192.168.1.1): Link Down (Waiting)
                Interface passthru (192.168.10.2): Normal (Waiting)
                Interface dmz (192.168.20.7): Normal (Waiting)
                Interface outside (10.61.89.209): Normal (Waiting)
                Interface inside (10.61.89.135): Normal (Waiting)
        Other host: Secondary - Standby
                Active time: 0 (sec)
                Interface stateful-fo (172.16.1.11): Unknown (Waiting)
                Interface fo (192.168.1.11): Unknown (Waiting)
                Interface passthru (192.168.10.12): Unknown (Waiting)
                Interface dmz (192.168.20.17): Unknown (Waiting)
                Interface outside (10.61.89.216): Unknown (Waiting)
                Interface inside (10.61.89.140): Unknown (Waiting)

The problem is that this host should be primary not secondary, please
help.  Thanks.

Relevant Pages

  • Re: Which cable for ASA failover?
    ... Can you post your failover config of both unit. ... interface Ethernet0/0 ... mtu management 1500 ... timeout xlate 3:00:00 ...
    (comp.dcom.sys.cisco)
  • Re: Which cable for ASA failover?
    ... Can you post your failover config of both unit. ... interface Ethernet0/0 ... mtu management 1500 ... timeout xlate 3:00:00 ...
    (comp.dcom.sys.cisco)
  • Re: IP Failover: strange behaviour
    ... As long as both machines are up and running, IP failover ... network interface, and enters the status described in 1). ... IPPSA2> tcpip ifconfig -a ... IE2 are not participating in a ip failover. ...
    (comp.os.vms)
  • Re: CISCO ASA 5505 Failover
    ... the following exerpts (Cisco Systems, ... You can use any unused Ethernet interface on the device as the ... The failover link interface is not configured ...
    (comp.dcom.sys.cisco)
  • Re: CISCO ASA 5505 Failover
    ... Try removing the "management-only" on your failover vlan. ... cannot use a cross-over for the failover interface, ... access-group 101 in interface outside ... crypto map outside_map 20 match address outside_20_cryptomap ...
    (comp.dcom.sys.cisco)
Loading