49-24
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 49 Configuring Failover
Failover Policies
Edit Failover Group Dialog Box
Use the Edit Failover Group dialog box to configure failover parameters for groups of security contexts
in an Active/Active failover configuration. See Add/Edit Security Context Dialog Box (PIX/ASA),
page 57-7, or Add/Edit Security Context Dialog Box (FWSM), page 57-5, for information about
assigning a context to a failover group.
Navigation Path
You can access the Add Failover Group dialog box from the PIX/ASA Settings Dialog Box, page 49-20,
or the FWSM Advanced Settings Dialog Box, page 49-15.
Related Topics
• Failover Policies, page 49-10
• Failover Page (ASA/PIX 7.0+), page 49-17
• Failover Page (FWSM), page 49-12
Monitor this interface for
failure
Specifies whether this interface is monitored for failure: check this box
to enable monitoring. The number of interfaces that can be monitored
for the security appliance is 250.
Hello messages are exchanged between the security appliance failover
pair during every interface poll time period. The failover interface poll
time is 3 to 15 seconds. For example, if the poll time is set to 5 seconds,
testing begins on an interface if 5 consecutive hellos are not heard on
that interface (25 seconds). Monitored failover interfaces can have the
following status:
• Unknown—Initial status. This status can also mean the status
cannot be determined.
• Normal—The interface is receiving traffic.
• Testing—Hello messages are not heard on the interface for five poll
times.
• Link Down—The interface is administratively down.
• No Link—The physical link for the interface is down.
• Failed—No traffic is received on the interface, yet traffic is heard
on the peer interface.
ASR Group Number If this interface is part of an asymmetric routing group, provide its ASR
group number. Valid values for ASR group numbers are 1 through 32.
Stateful failover must be enabled for asymmetric routing support to
function properly between units in failover configurations.
Table 49-9 Edit Failover Interface Configuration Dialog Box (Continued)
Element Description