PIX configs exactly same on cluster members

PIX configs exactly same on cluster members
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
PIX configs exactly same on cluster members musiknut 04-28-2008
Posted by on April 28, 2008, 11:35 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi all,
I've been asked to look at a Pix cluster that didn't failover
properly when the master went down last.
One thing I noticed is that although the 'sho ip address' command
reveals Current Ip Addresses to be different to each other, both
boxes have the same hostname and exactly the same config when you
'show run'

I know that Pix boxes swap MAC and IP addresses on failover but I
didn't expect to see the config and hostnames being identical. Is this
correct?

The other strange thing is that, although the config is for Active/
Standby (not Active/Active) - no failover groups are configured -
'show ver' reveals the active unit is licenced for Active/Active and
the standby as Active/Standby.

Cheers
MN

Pure Networks
Posted by Lutz Donnerhacke on April 28, 2008, 12:11 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
* musiknut@gmail.com wrote:
> I know that Pix boxes swap MAC and IP addresses on failover but I
> didn't expect to see the config and hostnames being identical. Is this
> correct?

Yes.

> The other strange thing is that, although the config is for Active/
> Standby (not Active/Active) - no failover groups are configured -
> 'show ver' reveals the active unit is licenced for Active/Active and
> the standby as Active/Standby.

That's ok.

You might search for "show failover".

Similar ThreadsPosted
9/10 charter members selected January 5, 2005, 4:15 am
Cisco Group On Facebook - with 900+ members December 3, 2007, 10:45 pm
CiscoHQ.com - Cisco Forum and News - Celebrates Its First 100 Members March 8, 2006, 11:48 pm
3750 master not seeing other stack members + image loading ??? September 20, 2006, 4:51 pm
MS Cluster and NLB with PIX 501 November 28, 2004, 9:24 pm
Cisco CCM: Cluster Name from AXL April 27, 2004, 11:48 am
NAT'd NLB Web Cluster February 26, 2006, 11:08 pm
Checkpoint HA Cluster w/ multicast April 4, 2005, 11:23 am
Ciscoworks VMS on Windows Cluster August 12, 2005, 12:26 pm
pix Version 7.0(4) cluster move October 19, 2006, 6:11 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map