Enabling Failover on Primary PIX goes standby.

Discussion in 'Cisco' started by Tom Pouce, Nov 9, 2005.

  1. Tom Pouce

    Tom Pouce Guest

    I have to connect 2 PIX's (515E) with FAILOVER via LAN

    After configuring all failover IP addresse and connecting the FAILOVER
    link to the switch I enabled FAILOVER on the PIX.
    The PIX goes immediately in standby mode. I thought I should stay active
    because it's the primary and he couldn't reaching the secondary.

    Any suggestion or solution?


    pix1(config)# sh failover
    Failover On
    Serial Failover Cable status: My side not connected
    Reconnect timeout 0:00:00
    Poll frequency 15 seconds
    Last Failover at: 22:57:07 CET Mon Nov 7 2005
    This host: Primary - Standby
    Active time: 0 (sec)
    Interface outside (x.y.9.14): Normal (Waiting)
    Interface inside (x.y.14.46): Normal (Waiting)
    Interface intf2 (0.0.0.0): Normal (Shutdown)
    Interface intf3 (0.0.0.0): Normal (Shutdown)
    Interface intf4 (0.0.0.0): Normal (Shutdown)
    Other host: Secondary - Standby
    Active time: 0 (sec)
    Interface outside (x.y.9.10): Unknown (Waiting)
    Interface inside (x.y.14.45): Unknown (Waiting)
    Interface intf2 (0.0.0.0): Unknown (Shutdown)
    Interface intf3 (0.0.0.0): Unknown (Shutdown)
    Interface intf4 (0.0.0.0): Unknown (Shutdown)

    Stateful Failover Logical Update Statistics
    Link : Unconfigured.


    LAN-based Failover is Active
    interface LANFAIL (192.168.80.1): Normal, peer (192.168.80.2):
    Unknown
    Tom Pouce, Nov 9, 2005
    #1
    1. Advertising

  2. Tom Pouce

    Guest

    What does "show version" tell you? Are you on the FO box? You might
    need to change the console to the other PIX
    , Nov 9, 2005
    #2
    1. Advertising

  3. Tom Pouce

    Guest

    Also, I believe you need a third link for lan based FO.
    , Nov 9, 2005
    #3
  4. Tom Pouce

    Tom Pouce Guest

    wrote:
    > Also, I believe you need a third link for lan based FO.
    >

    This is the output of the primary PIX.
    I used interface ethernet5 for the failover link
    Tom Pouce, Nov 9, 2005
    #4
  5. "Tom Pouce" <> wrote in message
    news:...
    > I have to connect 2 PIX's (515E) with FAILOVER via LAN
    >
    > After configuring all failover IP addresse and connecting the FAILOVER
    > link to the switch I enabled FAILOVER on the PIX.
    > The PIX goes immediately in standby mode. I thought I should stay active
    > because it's the primary and he couldn't reaching the secondary.
    >
    > Any suggestion or solution?
    >
    >
    > pix1(config)# sh failover
    > Failover On
    > Serial Failover Cable status: My side not connected
    > Reconnect timeout 0:00:00
    > Poll frequency 15 seconds
    > Last Failover at: 22:57:07 CET Mon Nov 7 2005
    > This host: Primary - Standby
    > Active time: 0 (sec)
    > Interface outside (x.y.9.14): Normal (Waiting)
    > Interface inside (x.y.14.46): Normal (Waiting)
    > Interface intf2 (0.0.0.0): Normal (Shutdown)
    > Interface intf3 (0.0.0.0): Normal (Shutdown)
    > Interface intf4 (0.0.0.0): Normal (Shutdown)
    > Other host: Secondary - Standby
    > Active time: 0 (sec)
    > Interface outside (x.y.9.10): Unknown (Waiting)
    > Interface inside (x.y.14.45): Unknown (Waiting)
    > Interface intf2 (0.0.0.0): Unknown (Shutdown)
    > Interface intf3 (0.0.0.0): Unknown (Shutdown)
    > Interface intf4 (0.0.0.0): Unknown (Shutdown)
    >
    > Stateful Failover Logical Update Statistics
    > Link : Unconfigured.
    >
    >
    > LAN-based Failover is Active
    > interface LANFAIL (192.168.80.1): Normal, peer (192.168.80.2):
    > Unknown
    >


    looks like you do not have layer-2 connection between the two FO interfaces.
    To help out more, please also post the interface and failover part of your
    config.

    You need to have a switch inbetween, and not just a crossover UTP.
    Also it might be because of the failover IP you have issued.
    Alternatively, you can enable debug, and manually active failover and watch
    the output.
    (type failover active on the primary host)

    HTH
    Martin
    Martin Bilgrav, Nov 9, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Tony

    failover license to primary

    Tony, Nov 10, 2003, in forum: Cisco
    Replies:
    1
    Views:
    432
    Walter Roberson
    Nov 10, 2003
  2. Replies:
    1
    Views:
    6,405
    Vincent C Jones
    Oct 15, 2005
  3. Gary

    PIX Primary/Standby

    Gary, Dec 19, 2005, in forum: Cisco
    Replies:
    1
    Views:
    463
    Lutz Donnerhacke
    Dec 19, 2005
  4. UBEST
    Replies:
    3
    Views:
    1,939
    UBEST
    Apr 22, 2007
  5. Pit
    Replies:
    0
    Views:
    1,122
Loading...

Share This Page