Command replication – Cisco ASA 5505 User Manual
Page 1309
62-3
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 62 Configuring Active/Standby Failover
Information About Active/Standby Failover
On the standby unit, the configuration exists only in running memory. To save the configuration to flash
memory after synchronization, do the following:
•
For single context mode, enter the write memory command on the active unit. The command is
replicated to the standby unit, which proceeds to write its configuration to flash memory.
•
For multiple context mode, enter the write memory all command on the active unit from the system
execution space. The command is replicated to the standby unit, which proceeds to write its
configuration to flash memory. Using the all keyword with this command causes the system and all
context configurations to be saved.
Note
Startup configurations saved on external servers are accessible from either unit over the network and do
not need to be saved separately for each unit. Alternatively, you can copy the contexts on disk from the
active unit to an external server, and then copy them to disk on the standby unit, where they become
available when the unit reloads.
Command Replication
Command replication always flows from the active unit to the standby unit. As commands are entered
on the active unit, they are sent across the failover link to the standby unit. You do not have to save the
active configuration to flash memory to replicate the commands.
lists the commands that are and are not replicated to the standby unit.
Note
Changes made on the standby unit are not replicated to the active unit. If you enter a command on the
standby unit, the ASA displays the message
**** WARNING **** Configuration Replication is NOT
performed from Standby unit to Active unit. Configurations are no longer synchronized.
This message appears even when you enter many commands that do not affect the configuration.
If you enter the write standby command on the active unit, the standby unit clears its running
configuration (except for the failover commands used to communicate with the active unit), and the
active unit sends its entire configuration to the standby unit.
Table 62-1
Command Replication
Command Replicated to the Standby Unit
Commands Not Replicated to the Standby Unit
All configuration commands except for mode,
firewall, and failover lan unit
All forms of the copy command except for copy
running-config startup-config
copy running-config startup-config
all forms of the write command except for write
memory
delete
crypto ca server and associated sub commands
mkdir
debug
rename
failover lan unit
rmdir
firewall
write memory
mode
—
show
—
terminal pager and pager