Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Pix 515's fail to failover

from [Spigga] Network Security [Permanent Link]
Subject: Re: Pix 515's fail to failover
Date: Sun, 14 Nov 2004 17:47:09 -0600 
Thats the odd part, these pairs were failing fine in the past, we test
often, and we have about 250 more pairs that are fine.  Since I sent
this email one pair has decided to play nice, no config changes. We
brought the primary up to do some troubleshooting and the problem was
gone. One pair is still having the same issue.  We're going to spend
some time with the failed pair on Monday. I guess we'll see what
happens.


On Mon, 15 Nov 2004 09:35:19 +1000, Ivan Coric
<ivan.coric@workcoverqld.com.au> wrote:

verify your failover config -
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/advanced.htm

use the command show failover - this will show you the status of the
failover

cheers
Ivan

Ivan Coric, CISSP, RHCE
IT Technical Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: ivan.coric@workcoverqld.com.au


Spigga <spigga@gmail.com> 12/11/2004 8:56:21 am >>>

I have 2 HA pairs that refuse to failover properly.  If the primary is
active, and I try to fail it over to standby, they both go standby and
traffic halts. I have to power cycle the primary and all is well.
This is the same situation on two separate pairs one pair  running
6.3(3) and one running 6.3(4).  They both started doing this on the
same day.  One during failover testing and one pair just stopped
passing traffic and never failed over so we had a guy power off the
primary and since then failover does not work.  In one case we
replaced the primary and it still happens.  We have replaced serial
and lan failover cables.  Anyone seen or heard of this?  We have close
to 300 pixes, a large number runninf 6.3(3) and some running 6.3(4)
and no others are having trouble but we haven't failed any over since
this started.  I'm afraid to test.

***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland. 
The contents of this message are to be used for the intended purpose only and 
are to be kept confidential at all times.
This message may contain privileged information directed only to the intended 
addressee/s. Accidental receipt of this information should be deleted 
promptly and the sender notified.
This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Hardening ISA Server, Jose Costa
Next by Date:  RE: Router config question, Joseph T. Finley
Previous by Thread:  Re: Pix 515's fail to failover, Ivan Coric
Next by Thread:  Re: Pix 515's fail to failover, Spigga
Indexes:  [Date] [Thread] [Top] [All Lists]