Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2242
  • Last Modified:

Configuration Replication is NOT performed from Standby unit to Active unit. Configurations are no longer synchronized[

I have 2 ASA 5580 IOS  asa844-1-smp-k8.bin , i make failover as shown below


i made failover active
failover
failover lan unit primary
failover lan interface failover GigabitEthernet8/3
failover replication http
failover timeout 0:00:10
failover mac address Port-channel2 0015.17fe.4b60 001b.219c.a318
failover mac address GigabitEthernet3/3 0015.17fe.4b63 001b.219c.a31b
failover mac address Port-channel3 001b.21a1.d6d4 001b.219f.e340
failover link failover GigabitEthernet8/3
failover interface ip failover 1.1.1.1 255.255.255.252 standby 1.1.1.2

standby ASA
failover
failover lan unit secondary
failover lan interface failover GigabitEthernet8/3
failover replication http
failover timeout 0:00:10
failover mac address Port-channel2 0015.17fe.4b60 001b.219c.a318
failover mac address GigabitEthernet3/3 0015.17fe.4b63 001b.219c.a31b
failover mac address Port-channel3 001b.21a1.d6d4 001b.219f.e340
failover link failover GigabitEthernet8/3
failover interface ip failover 1.1.1.1 255.255.255.252 standby 1.1.1.2


but when I turn of Port-channel2 (interface 3/0 , 3/1 , 3/2 )  doesn't go to standby ASA . why ?
appear that message in standby ASA

Configuration Replication is NOT performed from Standby unit to Active unit.         Configurations are no longer synchronized


please answer me it is urgent

for more detail config ASA active and standby please find at

attached file
standby-ASA.txt
active-ASA-.txt
0
memo12345678
Asked:
memo12345678
  • 4
  • 3
  • 2
  • +1
3 Solutions
 
memo12345678Author Commented:
any one have answer ?
0
 
jwil320Commented:
You're getting that error because you made a change on the standy unit. I would do a write memory from the active ASA so you can resync the configurations.
0
 
mikebernhardtCommented:
jwil320 is exactly correct. The first thing I would do though is to enter "show failover" and verify which one is actually active, which is different from Secondary. Make sure the correct one is active. If not, type "failover active" on the one you want active before making config changes.
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
memo12345678Author Commented:
why  appear   Negotiation ?
 

Mosul-ASA# show failover history
==========================================================================
From State                 To State                   Reason
==========================================================================
11:18:34 Iraq Dec 27 2012
Not Detected               Negotiation                No Error

11:19:19 Iraq Dec 27 2012
Negotiation                Just Active                No Active unit found

11:19:19 Iraq Dec 27 2012
Just Active                Active Drain               No Active unit found

11:19:19 Iraq Dec 27 2012
Active Drain               Active Applying Config     No Active unit found

11:19:19 Iraq Dec 27 2012
Active Applying Config     Active Config Applied      No Active unit found

11:19:19 Iraq Dec 27 2012
Active Config Applied      Active                     No Active unit found

==========================================================================
Mosul-ASA#
0
 
memo12345678Author Commented:
how I do resync  in Active ASA ? jwil320 ?
0
 
jwil320Commented:
from the active ASA you just type "write memory"
0
 
jwil320Commented:
also provide the output from " sh run failover" from both ASA's

sorry do a write standy instead of write memory.
0
 
mikebernhardtCommented:
On active unit:
conf t
 failover
 failover active

On standby unit
conf t
 failover
 no failover active
0
 
Feroz AhmedSenior Network EngineerCommented:
Hi,

To replicate configurations from Active to Standby you are required to convert a particular Interface into Management port and should run Failover command once the handshake between 2 failover takes place (a hello command is received from Standby Failover) which specifies Handshake between Active and Standby was successful and data replication takes place between Active and Standby .whatever changes are made on active failover the same configuration is replicated on Standby Failover.In this way data replication takes place in Failover concept.The first thing to startup with failover is Successful handshake in the form of "Hello" command on both Failover.
0
 
memo12345678Author Commented:
thanks a lot
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now