• State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 38 subscribers
  • Views 475 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Cisco PIX 525 failover monitoring

profzoom1

Is there an alert or does someone out there know what OID's or Mibs to monitor to be alerted when a Cisco PIX 525 fails over to the standby PIX firewall.

We currently have 2 Cisco PIX 525 firewalls and they have failed over a couple of times and we are not alerted when this happens. Our Mars box gives this error - PIX-1-105005: (Secondary) Lost Failover communications with mate - I am not seeing anything in my syslog on my Orion box that says this for the time that this happened - Curious about that as well since we have all our pix syslogs going to our Orion box as well.

Is there a way to be alerted when this failover occurs?

Any help would be appreciated.

  • 0

    Do you have an account with Cisco forums? You might get your best answer from their Network Management forum. If you don't then I can try to ask for you.

    Does Cisco PIX's inside interface support CDP where you could use UnDP to monitor for this condition? Just a thought...

  • 0 in reply to lchance

    I do not have an account on that forum and would appreciate the help in presenting the question on another forum.

    As for the CDP being enabled on the inside interface is not enabled.

  • 0 in reply to profzoom1

    I'll let you know what/if I hear anything from that other forum.

  • 0 in reply to profzoom1

    By the way - have you tried using this Cisco PIX OID in UnDP? I've monitored VRRP and HSRP using something similar to watch for Active/Standby changes.

  • 0 in reply to lchance

    Hi,

    But how i monitor Active-Active Failover in PIX 535/FWSM Module,This will helpfull when we are using Active-Standby Failover.

    Failover On
    Last Failover at: 20:57:46 IST Apr 2 2009
     This context: Active
      Active time: 6099630 (sec)
        Interface outside (202.137.232.20): Normal
        Interface insideAS (202.137.239.1): Normal
     Peer context: Standby Ready
      Active time: 303385 (sec)
        Interface outside (202.137.232.21): Normal
        Interface insideAS (202.137.239.2): Normal

    Stateful Failover Logical Update Statistics
     Status: Configured.
     Stateful Obj  xmit       xerr       rcv        rerr     
     RPC services   0          0          0          0        
     TCP conn  1723723700 0          10245      0        
     UDP conn  3852856396 0          41553      0        
     ARP tbl   2245583    0          0          36       
     Xlate_Timeout   0          0          0          0        

    Regards,

    Riyaz

  • 0 in reply to profzoom1

    profzoom1,

    Here's the response I got back from another forum - I hope this helps:

     

    Only if you do the following, which is basically a duplicate of the syslog you got, except as SNMP trap:

    http://www.cisco.com/en/US/docs/security/pix/pix42/configuration/guide/pix42adv.html

    "To receive security and failover SNMP traps from the PIX Firewall, compile the Cisco syslog MIB into your SNMP management application. If you do not compile the Cisco syslog MIB into your application, you only receive MIB-II traps for link up or down, and firewall cold and warm start."

  • 0 in reply to lchance

    Hi,

    But how i monitor Active-Active Failover in PIX 535/FWSM Module,This will helpfull when we are using Active-Standby Failover.

    Failover On
    Last Failover at: 20:57:46 IST Apr 2 2009
     This context: Active
      Active time: 6099630 (sec)
        Interface outside (202.137.232.20): Normal
        Interface insideAS (202.137.239.1): Normal
     Peer context: Standby Ready
      Active time: 303385 (sec)
        Interface outside (202.137.232.21): Normal
        Interface insideAS (202.137.239.2): Normal

    Stateful Failover Logical Update Statistics
     Status: Configured.
     Stateful Obj  xmit       xerr       rcv        rerr     
     RPC services   0          0          0          0        
     TCP conn  1723723700 0          10245      0        
     UDP conn  3852856396 0          41553      0        
     ARP tbl   2245583    0          0          36       
     Xlate_Timeout   0          0          0          0        

    Regards,

    Riyaz

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.