Solved

PIX515 Failover Reset

Posted on 2007-11-21
6
859 Views
Last Modified: 2012-06-27
Due to replacing some cables over the weekend our PIX515E failed over to the standby unit. I want to switch it back and have issued a failover reset but the backup is still active. How can i switch this back without interupting our users?
0
Comment
Question by:akalbfell
  • 3
  • 3
6 Comments
 
LVL 4

Accepted Solution

by:
CCIE8122 earned 500 total points
Comment Utility
You can only switch back to the primary without service interruption if you have configured stateful failover (which means that the state of all of the connections is replicated across the dedicated Ethernet link to the standby PIX), otherwise all connection's will be reset.  To verify this, issue the command:

show failover

You will be able to see if your are configured for stateful failover as there will be a section at the bottom with stateful failover statistics.

To switch back to the primary, issue the command:

failover reset

on the failed primary PIX, and then you can either disconnect or reload the secondary (active) PIX, or on the console of the standby primary, issue the command:

failover active

Note that you have to be consoled to the standby to issue this command, cuz if you try to telnet/ssh, you will connect to the active secondary.

HTH

kr
0
 
LVL 8

Author Comment

by:akalbfell
Comment Utility
Just found it online, thanks for detailed explanation.
0
 
LVL 8

Author Comment

by:akalbfell
Comment Utility
quick follow up, after issuing that command the primary PIX took over but the firewall is spitting out tons of data to hyperterminal since right after i input the command. Why is it doing that and how can i get it to stop. It looks like a bunch of information about the connections which i assumed was just because it was tearing down and creating new ones but its still going...any ideas???
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 4

Expert Comment

by:CCIE8122
Comment Utility
This is because you are connected to the console and you have console logging turned on.  You may either turn off console logging, or raise the logging level above the level you see all the messages (this is the number where "X" is below:

Nov 21 2007 14:39:01: %PIX-X-123456: Text message

So if "X" on the majority of the log entries is 4, then you would set console logging to 3 and the level 4 events would not echo to the console.  Note that if you are logging to a server, you want to be careful that you only modify the console logging setting.

kr
0
 
LVL 8

Author Comment

by:akalbfell
Comment Utility
thanks much!
0
 
LVL 4

Expert Comment

by:CCIE8122
Comment Utility
NP.  Good luck.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now