Security considerations, Limitations of remote command execution, Controlling failover – Cisco ASA 5505 User Manual

Page 1347: Forcing failover


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 63 Configuring Active/Active Failover

Controlling Failover

Security Considerations

The failover exec command uses the failover link to send commands to and receive the output of the
command execution from the peer unit. You should use the failover key command to encrypt the failover
link to prevent eavesdropping or man-in-the-middle attacks.
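One way to check a saved running configuration against the recommendation above, as an added example that is not part of the Cisco guide. It assumes a text copy of show running-config output and looks only for the failover key command named in this section; the sample configurations, interface names and addresses are constructed.

```python
import re

# Constructed sample configurations (not from the guide). Interface names and
# addresses are made up; "*****" is how the ASA masks the key in its output.
UNKEYED = """\
hostname asa-a
failover
failover lan unit primary
failover lan interface folink GigabitEthernet0/3
failover link folink GigabitEthernet0/3
failover interface ip folink 192.0.2.1 255.255.255.252 standby 192.0.2.2
"""
KEYED = UNKEYED + "failover key *****\n"
DISABLED = "hostname asa-c\nno failover\nfailover lan unit secondary\n"


def audit_failover_key(running_config):
    """Return failover state, key presence, link names and a finding (or None)."""
    enabled = keyed = False
    links = []
    for raw in running_config.splitlines():
        line = raw.strip()
        if line == "failover":            # bare command: failover is enabled
            enabled = True
        elif line == "no failover":       # failover explicitly disabled
            enabled = False
        elif re.match(r"failover key\s+\S", line):
            keyed = True
        else:
            m = re.match(r"failover (?:lan interface|link)\s+(\S+)", line)
            if m and m.group(1) not in links:
                links.append(m.group(1))
    finding = None
    if enabled and not keyed:
        finding = ("failover is enabled but no 'failover key' is configured; "
                   "traffic on the failover link, including failover exec "
                   "commands and their output, is not encrypted")
    return {"enabled": enabled, "keyed": keyed, "links": links, "finding": finding}


if __name__ == "__main__":
    for name, cfg in (("unkeyed", UNKEYED), ("keyed", KEYED), ("disabled", DISABLED)):
        result = audit_failover_key(cfg)
        print(name, "->", result["finding"] or "no finding")
```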

Limitations of Remote Command Execution

When you use remote commands you face the following limitations:

- If you upgrade one unit using the zero-downtime upgrade procedure and not the other, both units
  must be running software that supports the failover exec command for the command to work.

- Command completion and context help is not available for the commands in the cmd_string
  argument.

- In multiple context mode, you can only send commands to the peer context on the peer unit. To send
  commands to a different context, you must first change to that context on the unit to which you are
  logged in.

- You cannot use the following commands with the failover exec command:

  - changeto

  - debug (undebug)

- If the standby unit is in the failed state, it can still receive commands from the failover exec
  command if the failure is due to a service card failure; otherwise, the remote command execution
  will fail.

- You cannot use the failover exec command to switch from privileged EXEC mode to global
  configuration mode on the failover peer. For example, if the current unit is in privileged EXEC
  mode, and you enter failover exec mate configure terminal, the show failover exec mate output
  will show that the failover exec session is in global configuration mode. However, entering
  configuration commands for the peer unit using failover exec will fail until you enter global
  configuration mode on the current unit.

- You cannot enter recursive failover exec commands, such as failover exec mate failover exec mate
  command.

- Commands that require user input or confirmation must use the /nonconfirm option.

Controlling Failover

This section describes how to control and monitor failover. This section includes the following topics:

- Forcing Failover

- Disabling Failover

- Restoring a Failed Unit or Failover Group

Forcing Failover

Enter the following command in the system execution space of the unit where the failover group is in the
standby state:
