配置PIX Failover------基于LAN的Failover
第十八步 使用wr mem命令将配置写到Flash Memmory中。
基于Failover电缆转换到基于LAN的Failover
第一步 使用如下命令关闭Failover
no failover
第二步 将用于LAN Fairover的接口接入网络,然后在主PIX上配置:
failover lan interface intf3
failover lan key 1234567
failover lan enable
failover
第三步 使用show Fail命令显示Failover状态:
Failover On
Cable status: Unknown
Reconnect timeout 0:00:00
Poll frequency 15 seconds
This host: primary - Active
Active time: 510 (sec)
Interface 4th (172.16.1.1): Normal (Waiting)
Interface intf2 (192.168.2.1): Normal (Waiting)
Interface outside (192.168.1.1): Normal (Waiting)
Interface inside (10.1.1.1): Normal (Waiting)
Other host: secondary - Standby
Active time: 0 (sec)
Interface 4th (172.16.1.2): Unknown (Waiting)
Interface intf2 (192.168.2.2): Unknown (Waiting)
Interface outside (192.168.1.2): Unknown (Waiting)
Interface inside (10.1.1.2): Unknown (Waiting)
Stateful Failover Logical Update Statistics
Link : 4th
Stateful Obj xmit xerr rcv rerr
General 0 0 0 0
sys cmd 0 0 0 0
up time 0 0 0 0
xlate 0 0 0 0
tcp conn 0 0 0 0
udp conn 0 0 0 0
ARP tbl 0 0 0 0
RIP Tbl 0 0 0 0
Logical Update Queue Information
Cur Max Total
Recv Q: 0 0 0
Xmit Q: 0 0 0
Lan Based Failover is Active
Interface intf3 (192.168.3.1): Normal, peer (192.168.3.2) Down
第四步 在从PIX上,输入下列命令:
failover lan unit secondary <--- optional
failover lan interface intf3
failover lan key 12345678
failover lan enable
failover
wr mem
reload
在从PIX启动后,使用Show Failover命令验证基于LAN的Failover是不是开始正常工作了,命令输出如下:
show failover
Failover On
Cable status: Unknown
Reconnect timeout 0:00:00
Poll frequency 15 seconds
This host: primary - Active
Active time: 510 (sec)
Interface 4th (172.16.1.1): Norml
Interface intf2 (192.168.2.1): Normal
Interface outside (192.168.1.1): Normal
Interface inside (10.1.1.1): Normal
Other host: secondary - Standby
Active time: 0 (sec)
Interface 4th (172.16.1.2): Normal
Interface intf2 (192.168.2.2): Normal
Interface outside (192.168.1.2): Normal
Interface inside (10.1.1.2): Normal
Stateful Failover Logical Update Statistics
Link : 4th
Stateful Obj xmit xerr rcv rerr
General 0 0 0 0
sys cmd 0 0 0 0
up time 0 0 0 0
xlate 0 0 0 0
tcp conn 0 0 0 0
udp conn 0 0 0 0
ARP tbl 0 0 0 0
RIP Tbl 0 0 0 0
Stateful Failover Logical Update Statistics
Link : 4th
Stateful Obj xmit xerr rcv rerr
General 0 0 0 0
sys cmd 0 0 0 0
up time 0 0 0 0
xlate 0 0 0 0
tcp conn 0 0 0 0
udp conn 0 0 0 0
ARP tbl 0 0 0 0
RIP Tbl 0 0 0 0
Logical Update Queue Information
Cur Max Total
Recv Q: 0 0 0
Xmit Q: 0 0 0
Lan Based Failover is Active
Interface intf3 (192.168.3.1): Normal, peer (192.168.3.2) Normal
第五步 使用write memory命令保存配置.
- FreeBSD 5.0 ADSL安装指南(01-26)
- IPSec配置实践(01-02)
- ADSL优化配置全攻略(02-26)
- 配置PIX Failover-----配置实例(03-02)
- Dot1x配置实例(03-02)
- Cisco CatOS基本安全配置详解(03-02)