[c-nsp] ASA 5510 Configuration Replication Failure

Matthew Huff mhuff at ox.com
Thu Jun 11 13:04:26 EDT 2009 

Try connecting to the serial port on both boxes and setting the name on
both, and then retrying the sync.

----
Matthew Huff       | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com  | Phone: 914-460-4039
aim: matthewbhuff  | Fax:   914-460-4139



> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Jeff Wojciechowski
> Sent: Thursday, June 11, 2009 12:38 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] ASA 5510 Configuration Replication Failure
> 
> Dearest List:
> 
> We are building a new active/standby ASA cluster with 5510's and the
> initial config synch went just fine.
> 
> However, when we changed the hostname on the primary unit and did a
> 'write standby' I got the following:
> 
> VaultASA(config)# wr stan
> Building configuration...
> [OK]
> VaultASA(config)# Beginning configuration replication: Sending to mate.
> Failover LAN Failed
> Configuration Replication Failure
> sh ver
> 
> Cisco Adaptive Security Appliance Software Version 8.0(3)
> Device Manager Version 6.1(5)
> 
> Another interesting point about this is that both units show the synch
> interface (E0/3 on both units in our case) show line protocol down.
> 
> VaultASA(config)# sh int e0/3
> Interface Ethernet0/3 "failover", is down, line protocol is down
>   Hardware is i82546GB rev03, BW 100 Mbps, DLY 100 usec
>         Full-Duplex, 100 Mbps
>         Description: LAN/STATE Failover Interface
>         MAC address 0024.14d3.7b37, MTU 1500
>         IP address x.x.x.x, subnet mask 255.255.255.0
>         558 packets input, 49468 bytes, 0 no buffer
>         Received 3 broadcasts, 0 runts, 0 giants
>         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>         0 L2 decode drops
>         499 packets output, 71296 bytes, 0 underruns
>         0 output errors, 0 collisions, 9 interface resets
>         0 babbles, 0 late collisions, 0 deferred
>         0 lost carrier, 0 no carrier
>         input queue (curr/max packets): hardware (0/25) software (0/0)
>         output queue (curr/max packets): hardware (0/0) software (0/0)
>   Traffic Statistics for "failover":
>         558 packets input, 39264 bytes
>         502 packets output, 59800 bytes
>         0 packets dropped
>       1 minute input rate 0 pkts/sec,  0 bytes/sec
>       1 minute output rate 0 pkts/sec,  0 bytes/sec
>       1 minute drop rate, 0 pkts/sec
>       5 minute input rate 0 pkts/sec,  0 bytes/sec
>       5 minute output rate 0 pkts/sec,  0 bytes/sec
>       5 minute drop rate, 0 pkts/sec
> VaultASA(config)#
> 
> Ideas?
> 
> Thanks in advance.
> 
> Jeff
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4229 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090611/3fd2bdad/attachment.bin>

More information about the cisco-nsp mailing list