Cisco ASA: Difference between revisions

From Dave-Wiki
Line 4: Line 4:
Manually failover a group to the peer firewall:
Manually failover a group to the peer firewall:


# <code>admin# changeto system</code>
admin# changeto system
# <code>show failover</code>
show failover
# <code>failover active group 2</code> ''(this makes the currently-logged-in firewall active for group 2)''
failover active group 2


==Move Context==
==Move Context==
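
Review bot: on the `failover active group 2` line, the new revision drops the parenthetical "(this makes the currently-logged-in firewall active for group 2)"; I would keep it, because without it the page no longer says that the command acts on the unit you are logged in to. The new lines also lose the step numbering and show a prompt only on `admin# changeto system`, so either restore the numbered list or put a prompt on all three lines so the order and the execution context stay clear.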

Revision as of 20:21, 21 January 2025

HA/Redundancy

Manual Failover

Manually fail over a group to the peer firewall:

admin# changeto system
show failover
failover active group 2

Move Context

Move context from group 2 to group 1:

Note: All groups must be on the same firewall before you can move a context to another group.

  1. admin# changeto system
  2. # failover active group 2 (this fails group 2 traffic over to this firewall)
  3. # conf t
  4. (config)# context fw02
  5. (config-ctx)# join-failover-group 1
  6. (config-ctx)# end
  7. # wr mem
  8. # no failover active group 2 (this fails group 2 contexts back to the other firewall)
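
A pre-check for the note above, as an added example that is not part of the original wiki page: it parses captured `show failover` text and reports whether every failover group is Active on the unit you are logged in to, which is the state the procedure needs before `join-failover-group`. The sample output is constructed and abbreviated, and the function names are hypothetical.

```python
import re

# Constructed, abbreviated sample shaped like Active/Active `show failover` output.
SAMPLE_SPLIT = """\
Failover On
Failover unit Primary
  This host:    Primary
  Group 1       State:          Active
                Active time:    2896 (sec)
  Group 2       State:          Standby Ready
                Active time:    0 (sec)
  Other host:   Secondary
  Group 1       State:          Standby Ready
                Active time:    190 (sec)
  Group 2       State:          Active
                Active time:    3322 (sec)
"""

HOST_RE = re.compile(r"^\s*(This|Other) host:", re.I)
GROUP_RE = re.compile(r"^\s*Group\s+(\d+)\s+State:\s+(.+?)\s*$", re.I)


def group_states(show_failover: str) -> dict:
    """Return {"this": {group: state}, "other": {group: state}}."""
    states = {"this": {}, "other": {}}
    host = None
    for line in show_failover.splitlines():
        m = HOST_RE.match(line)
        if m:
            host = m.group(1).lower()  # lines that follow belong to this unit
            continue
        m = GROUP_RE.match(line)
        if m and host:
            states[host][int(m.group(1))] = m.group(2)
    return states


def ready_to_move(show_failover: str) -> bool:
    """True only if every failover group is Active on the logged-in unit."""
    this = group_states(show_failover)["this"]
    # An empty result means the text was not parsed; treat that as not ready.
    return bool(this) and all(state == "Active" for state in this.values())


if __name__ == "__main__":
    print(group_states(SAMPLE_SPLIT))
    print("safe to run join-failover-group:", ready_to_move(SAMPLE_SPLIT))
```

With the sample as given the check fails because group 2 is still active on the peer; it passes once step 2 has brought group 2 over to the local unit.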

VPN

Debug

Debug Specific Peer

# debug crypto condition peer 1.1.1.1

# debug crypto ikev2 protocol 127

Stop All Debugs

# undebug all