hi,

we have a stateful failover configured with PIX 515E, secondary PIX
brokedown last week and we have a replacement box shiped out to us.

initially I thought it would be a PSU issue, replaced it, but no joy.

I would like to know if someone could tell me what all the initial
configuration I need to do on the new box, so that I could make it
sync with the Primary PIX unit.

any help would be appriciated!!

Thank You

In message
<164feb94-16eb-472a-9c55-f3671594a62d@s8g2000prg.googlegroups.com>,
saffio <javzone@gmail.com> writes
>hi,
>
>we have a stateful failover configured with PIX 515E, secondary PIX
>brokedown last week and we have a replacement box shiped out to us.
>
>initially I thought it would be a PSU issue, replaced it, but no joy.
>
>I would like to know if someone could tell me what all the initial
>configuration I need to do on the new box, so that I could make it
>sync with the Primary PIX unit.
>
>any help would be appriciated!!
>
>Thank You

Plug in Pix connector cable. Wait.

:-)


--
Mike Buckley
RD350LC2
http://www.toastyhamster.freeserve.co.uk - deleted by Orange - f*ckers - then
randomly reinstated - wtf!
http://www.toastyhamster.plus.com
BONY#38

mike. buckley wrote:

> Plug in Pix connector cable. Wait.
>
> :-)

what?
you don't even have to give the secondary an ip adress on the failover interface?
i doubt it.

i would:
- configure ip addresses on new device
- configure it as secondary (check license)
- check or upgrade to same version as primary
- export config from primary
- connect them with failover cable
- log in to primary - it should say: detected peer - synchronizing (or something to that effect)
- make sure primary is still primary
- add a test accesslist, do "write standby"
- no errors - good!

M

On Feb 7, 9:32*am, mak <m...@nospam.com> wrote:
> mike. buckley wrote:
> > Plug in Pix connector cable. Wait.
>
> > :-)
>
> what?
> you don't even have to give the secondary an ip adress on the failover interface?
> i doubt it.
>
> i would:
> - configure ip addresses on new device
> - configure it as secondary (check license)
> - check or upgrade to same version as primary
> - export config from primary
> - connect them with failover cable
> - log in to primary - it should say: detected peer - synchronizing (or something to that effect)
> - make sure primary is still primary
> - add a test accesslist, do "write standby"
> - no errors - good!
>
> M
Hello Mak

Thanks for the steps you 've given..waiting for the box to arrive
today. I would follow them.

many thanks!
cheers!

In message
<90515da5-45c8-4e56-8218-714ad5c7c6c7@1g2000hsl.googlegroups.com>,
saffio <javzone@gmail.com> writes
>On Feb 7, 9:32*am, mak <m...@nospam.com> wrote:
>> mike. buckley wrote:
>> > Plug in Pix connector cable. Wait.
>>
>> > :-)
>>
>> what?
>> you don't even have to give the secondary an ip adress on the
>>failover interface?
>> i doubt it.
>>
>> i would:
>> - configure ip addresses on new device
>> - configure it as secondary (check license)
>> - check or upgrade to same version as primary
>> - export config from primary
>> - connect them with failover cable
>> - log in to primary - it should say: detected peer - synchronizing
>>(or something to that effect)
>> - make sure primary is still primary
>> - add a test accesslist, do "write standby"
>> - no errors - good!
>>
>> M
>Hello Mak
>
>Thanks for the steps you 've given..waiting for the box to arrive
>today. I would follow them.
>
>many thanks!
>cheers!


From memory the secondary Pix takes its IPs from the primary config so
no need to configure the interfaces at all - or if you do it will just
overwrite them when it syncs over the serial cable.

Always worth checking you have a secondary license though :-) Nice bonus
if they've sent you an unrestricted one.


--
Mike Buckley
RD350LC2
http://www.toastyhamster.freeserve.co.uk - deleted by Orange - f*ckers - then
randomly reinstated - wtf!
http://www.toastyhamster.plus.com
BONY#38