Archive for the ‘failover’ tag
RichardF commented on an article I wrote last November and mentioned the prompt command in the ASA. I never set aside any time to research it, but I finally took the time today while waiting for a maintenance window.
This is one of those little things in life that make me happy. Since the active ASA always has the same hostname and IP address, I find it hard to keep track of to which firewall I'm actually connected. That "configurtions are no long in sync" message you get when you conf t on the standby firewall really irks me. With the prompt command, I can see which firewall I'm on and in what state it is.
Here are the options you can use.
firewall(config)# prompt ?
configure mode commands/options:
context Display the context in the session prompt (multimode only)
domain Display the domain in the session prompt
hostname Display the hostname in the session prompt
priority Display the priority in the session prompt
state Display the traffic passing state in the session prompt
Note that the command is similar to the service timestamps in IOS where you can stack options. I wound up setting my prompts to "hostname priority state" so I can see that information without having to do a show failover. If you run contexts, I'm sure that would be a good one to include as well. I imagine adding "domain" may make the prompt too long for use, though. Heh.
candy hearts questions my way.
I was exploring commands on the ASA a while back and discovered that you can run commands on the standby unit from the active. Read the rest of this entry »
A buddy asked for some help on configuring a pair of ASAs in active/passive mode, and, by pure coincidence, my newest project is to set up the same. I've done it many time, but it's one of those things that you don't really do every day (unless you're a VAR or something). These things always get covered in rust very quickly in my head, but, once I get one or two details back to the surface, it all comes flooding back. I better take the time to jot down the details. Read the rest of this entry »