I think I've covered this once already, but I thought since I just did this the other day again, I would post some outputs on it. I really like Cisco's HA feature. From my experience, its very reliable and I have never seen it let me down before. Here is a template on what I did on the secondary ASA to get it to get the primary ASA's config:
interface Management0/0
no shut
failover lan unit secondary
failover lan interface failover_state Management0/0
failover key mypasskey
failover link failover_state Management0/0
failover interface ip failover_state 192.168.1.1 255.255.255.0 standby 192.168.1.2
failover
Once I did this, I get the following on the secondary ASA:
ciscoasa(config)# .
Detected an Active mate
Beginning configuration replication from mate.
End configuration replication from mate.
This is what the primary ASA said before the secondary came up:
sh failover
Failover On
Failover unit Primary
Failover LAN Interface: failover_state Management0/0 (Failed - No Switchover)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 110 maximum
Version: Ours 8.2(5), Mate Unknown
Last Failover at: 12:56:25 UTC Mar 8 2013
This host: Primary - Active
Other host: Secondary - Failed
(shortened for brevity)
By the way, make sure the images are the same. I had to upgrade my primary image to match what came on the secondary unit.
ASA# sh fail
Failover On
Failover unit Secondary
Failover LAN Interface: failover_state Management0/0 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy 1
Monitored Interfaces 3 of 110 maximum
Version: Ours 8.2(5), Mate 8.2(5)
Last Failover at: 14:44:56 UTC Mar 8 2013
This host: Secondary - Standby Ready
Other host: Primary - Active
(shortened for brevity)
No comments:
Post a Comment
Your comment will be reviewed for approval. Thank you for submitting your comments.