Solved

PIX Boot Error ERROR: Command requires failover license

Posted on 2006-06-14
11
1,424 Views
Last Modified: 2013-11-16
when the PIX 525 boots I see this error, here is the config. How do I remove these errors? I don't see what might be causing them
Partial config below

ftp mode passive
pager lines 24
mtu outside 1500
mtu www 1500
mtu intf2 1500
mtu intf3 1500
mtu intf4 1500
mtu inside 1500
ERROR: Command requires failover license
ERROR: Command requires failover license
asdm image flash:/asdm
asdm location 192.168.6.0 255.255.255.0 inside
asdm history enable
arp timeout 14400

0
Comment
Question by:questfar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
11 Comments
 
LVL 9

Expert Comment

by:stressedout2004
ID: 16907937
Under configuration mode, run this command:

no failover
wr mem

Then try to reboot it and see if the error goes away.
0
 

Author Comment

by:questfar
ID: 16907978
I receive

command requires failover license

this a restricted bundle with no failover, upgraded the OS from the factory 6.3 to 7.04
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 16908579
I would suggest that you copy the config to a PC, you need a tftp server, edit the file and remove offending commands and then copy the file back.

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 9

Expert Comment

by:stressedout2004
ID: 16908775
Can you run the command "show running-config all failover" and post the output.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 16908814
It's legacy leftover stuff from the 6.x upgrade config.
It is nothing to worry about and should go away after you save the config in 7. format (just save what you have) and reboot.
0
 
LVL 5

Expert Comment

by:renill
ID: 16909800
post the full configuration
** sanitise the nessacary ****
i believe you had gone for connecting a failover  cable or tried failover in a restricted license.

renill
0
 
LVL 5

Expert Comment

by:renill
ID: 16909822
failover license wont come with upgrading your ios.
this comes as a different bundle.

One of the failover units must have an Unrestricted license (UR), while the other can have a Failover (FO) or UR license. Restricted units cannot be used for failover and two units with FO licenses cannot be used in a single failover pair. The PIX 515, PIX 515E, PIX 525, and PIX 535 can be used for failover if you have the optional Unrestricted (UR) license.
Neither PIX 501 or PIX 506/506E units can be used for failover, either as the primary or secondary unit.

Pls go through this document..Might help you out
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a00800b0d85.html


renill
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16910875
lrmoore is correct.  Once you save the config the messages should go away.
0
 

Author Comment

by:questfar
ID: 16911492
giltrjr's suggestion to remove the lines was the only way to resolve this, I tried the save but they were always there.

I copied the config back after removing the lines and then issued a copy file startup-config, reloaded and errors gone.

Thanks
0
 

Author Comment

by:questfar
ID: 16911593
Well, here's another wrinkle. The error is back. It seems that when I launch ASDM and make any changes and save the file back, something in ASDM is causing those errors. When I launched ASDM and it loaded the config into the interface, the only thing I changed was the domain name. I saved the back to the PIX and then issued a sh config and the errors were back. I think I'll contact CISCO on this.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16913242
Can you hear me scratching my head?  Somewhere, obviously, ASDM thinks you want to run in failover mode.  We don't use ASDM to configure our firewalls and we are UR/FO so can't help you much more.  Hopefully Cisco can help.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question