Question on PIX replication

["Steven Pfister" <SPfister () dps k12 oh us>]

I've got a pair of PIX 525 in an active/standby configuration. I recently made some fairly large configuration changes 
to the active pix. Ever since then, I'm getting some errors when writing the config to the standby unit. The error 
looks something like:

"At <date/time>, this active PIX was sending it configuration to the standby PIX and would not properly accept
configuration changes. After this PIX notifies ASDM that configuration synchronization is complete, ASDM will
send the current configuration changes.

Send configuration to the PIX now anyway rather than waiting?"

If I answer Send, I get another dialog which contains "write standby" and "Config replication in progress... Please try 
later."

There seems to have been a failover to the secondary unit, and the primary unit is in a state called "sync config". On 
the primary, all the interfaces are down/up and seem to have the same ip addresses as the secondary (which is now the 
active unit). Is this normal for the state it's in, or are the interfaces down because of ip address conflicts?

How can I best get the standby pix back in sync with the active one? 

Thanks!
--Steve

 

Steve Pfister
Technical Coordinator, 
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St. 
Dayton, OH 45402
 
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister () dps k12 oh us


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards