One more thing during the qemu installation I use this command to make it ifconfig eth0 promisc up
I have seen people using "ifconfig eth0 up" As i know for promisc it will process all the packet wether or not it is destined to it. Imran On Sat, Oct 17, 2009 at 10:27 AM, imran mohammed <[email protected]>wrote: > There is nothing in switch configs.They are just defaults.I didnt configure > trunk on the port connected to firewall. > Do i need to do that? > > Imran > > > On Sat, Oct 17, 2009 at 10:24 AM, Johan Bornman <[email protected]> wrote: > >> Can you sent the switch config’s? >> >> >> >> *From:* imran mohammed [mailto:[email protected]] >> *Sent:* 17 October 2009 06:52 >> >> *To:* Johan Bornman >> *Cc:* Dave Craddock; Cisco certification; OSL CCIE Security Lab Exam >> *Subject:* Re: [OSL | CCIE_Security] Active/standby failover on Qemu >> issues >> >> >> >> I did a no shut. >> >> Do I need to configure a trunk on the switch?? >> >> Imran >> >> On Sat, Oct 17, 2009 at 10:18 AM, Johan Bornman <[email protected]> wrote: >> >> Imran, >> >> >> >> Nothing obvious in your config that is I can see is wrong. >> >> 1. Did you “no shut” the eth0/2 int on the secondary asa? >> >> 2. Did you configure trunking, vlan’s on the switches? >> >> >> >> Johan >> >> >> >> *From:* imran mohammed [mailto:[email protected]] >> *Sent:* 17 October 2009 06:40 >> *To:* Johan Bornman >> *Cc:* Dave Craddock; Cisco certification; OSL CCIE Security Lab Exam >> >> >> *Subject:* Re: [OSL | CCIE_Security] Active/standby failover on Qemu >> issues >> >> >> >> Hi, >> >> Here is my config >> >> interface Ethernet0/0 >> nameif outside >> security-level 0 >> ip address 10.1.1.2 255.255.255.0 standby 10.1.1.3 >> ! >> interface Ethernet0/1 >> nameif inside >> security-level 100 >> ip address 20.1.1.2 255.255.255.0 standby 20.1.1.3 >> ! >> interface Ethernet0/2 >> description LAN/STATE Failover Interface >> ! >> interface Ethernet3 >> shutdown >> no nameif >> no security-level >> no ip address >> ! >> interface Ethernet4 >> shutdown >> no nameif >> no security-level >> no ip address >> ! >> ftp mode passive >> pager lines 24 >> mtu outside 1500 >> mtu inside 1500 >> failover >> failover lan unit primary >> failover lan interface FAIL Ethernet0/2 >> failover link FAIL Ethernet0/2 >> failover interface ip FAIL 40.1.1.2 255.255.255.0 standby 40.1.1.3 >> icmp unreachable rate-limit 1 burst-size 1 >> no asdm history enable >> arp timeout 14400 >> >> >> ****************************************************************************** >> >> failover >> failover lan unit secondary >> failover lan interface FAIL Ethernet0/2 >> failover link FAIL Ethernet0/2 >> failover interface ip FAIL 40.1.1.2 255.255.255.0 standby 40.1.1.3 >> >> Please help me with. >> >> Is ur active/standby working Qemu ?? >> >> Regards >> Imran >> >> On Sat, Oct 17, 2009 at 9:59 AM, Johan Bornman <[email protected]> wrote: >> >> Send your configs please. >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *imran mohammed >> *Sent:* 17 October 2009 06:27 >> *To:* Dave Craddock >> *Cc:* Cisco certification; OSL CCIE Security Lab Exam >> *Subject:* Re: [OSL | CCIE_Security] Active/standby failover on Qemu >> issues >> >> >> >> Yes I can ping the interfaces and I have failover link configured.If I do >> the failover active that works. >> >> Regards >> Imran >> >> On Sat, Oct 17, 2009 at 1:22 AM, Dave Craddock <[email protected]> wrote: >> >> Can you ping the active and standby addresses on both sides of the >> firewalls >> >> And how have you got your failover link configured and connected? >> >> >> >> Dave >> >> >> >> >> >> From: [email protected] >> [mailto:[email protected]] On Behalf Of OSL CCIE >> Security Lab Exam >> Sent: 16 October 2009 20:03 >> To: Cisco certification; [email protected] >> Subject: [OSL | CCIE_Security] Active/standby failover on Qemu issues >> >> >> >> >> Hi All, >> >> >> The issue is iam doing active standby.I have got sw1 connected on >> outside and sw2 inside.To the switch are connected the routers. >> >> Iam able to ping the routers ie the traffic is going through the >> firewall primary.But iam not able to replicate the failover. >> >> Suppose if i enable monitor interface on inside and shut down the link >> on the sw2 where it is connected to inside interface i cannot see the >> failover happening. >> when i do show monitor interface everything shows normal.even if i >> remove the link.So how should i create the failover scenario. >> >> I >> Regards >> Imran >> >> >> >> >> >> >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
