I've got a pair of PIX 515 in active/standby failover configuration, running
7.2(2). Rather than have a bunch of static routes on the pix, it's running OSPF to learn the inside networks, and to redistribute the default, outside and dmz routes inward. This works fine for the active device, but the standby pix doesn't participate in OSPF (which makes perfect sense). If you cable into the standby and "sh route", all it has are connected routes. Unfortunately, this means it can't return packets to the inside network, so it can't be monitored or otherwise accessed for maintenance. While I can manually verify that the standy is ok by doing "sh fail" on the active, I'd like to have my regular monitoring tools watch it directly. Anybody know of a way to populate the active pix's routes onto the standby, short of adding statics for the inside network?Thanks.