Verifying The Failover Configuration - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 14
Configuring Failover
To prevent the failover key from being replicated to the peer unit in clear text for an existing failover
Note
configuration, disable failover on the active unit (or in the system execution space on the unit that has
failover group 1 in the active state), enter the failover key on both units, and then re-enable failover.
When failover is re-enabled, the failover communication is encrypted with the key.
For new LAN-based failover configurations, the failover key command should be part of the failover
pair bootstrap configuration.
Verifying the Failover Configuration
This section describes how to verify your failover configuration. This section includes the following
topics:
•
•
•
•
Using the show failover Command
This section describes the show failover command output. On each unit you can verify the failover status
by entering the show failover command. The information displayed depends upon whether you are using
Active/Standby or Active/Active failover.
This section includes the following topics:
•
•
show failover—Active/Standby
The following is sample output from the show failover command for Active/Standby Failover.
Table 14-7
hostname# show failover
Failover On
Cable status: N/A - LAN-based failover enabled
Failover unit Primary
Failover LAN Interface: fover Ethernet2 (up)
Unit Poll frequency 1 seconds, holdtime 3 seconds
Interface Poll frequency 15 seconds
Interface Policy 1
Monitored Interfaces 2 of 250 maximum
failover replication http
Last Failover at: 22:44:03 UTC Dec 8 2004
OL-10088-01
Using the show failover Command, page 14-37
Viewing Monitored Interfaces, page 14-45
Displaying the Failover Commands in the Running Configuration, page 14-45
Testing the Failover Functionality, page 14-46
show failover—Active/Standby, page 14-37
Show Failover—Active/Active, page 14-41
provides descriptions for the information shown.
This host: Primary - Active
Active time: 13434 (sec)
Interface inside (10.130.9.3): Normal
Interface outside (10.132.9.3): Normal
Other host: Secondary - Standby Ready
Active time: 0 (sec)
Interface inside (10.130.9.4): Normal
Interface outside (10.132.9.4): Normal
Cisco Security Appliance Command Line Configuration Guide
Configuring Failover
14-37
Advertisement
Table of Contents
Troubleshooting
