--R1-------e0--firewall 1--e2--------R3-----
                    e3|     |e4
                         |     |
                         |     |
                    e3|     |e4
------------e0--firewall 2--e2-------------

------------FW1----------

FW1(config)# show running-config
: Saved
:
PIX Version 7.2(2)
!
hostname FW1
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
Ethernet0
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0 standby 192.168.1.2
!
interface Ethernet1
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet2
nameif outside
security-level 0
ip address 172.16.1.1 255.255.0.0 standby 172.16.1.2
!
interface Ethernet3
description LAN Failover Interface
!
interface Ethernet4
description STATE Failover Interface
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list 100 extended permit icmp any any
pager lines 24
mtu outside 1500
mtu inside 1500
failover
failover lan unit primary
failover lan interface failover Ethernet3
failover lan enable
failover key *****
failover link state Ethernet4
failover interface ip failover 10.1.0.1 255.255.255.0 standby 10.1.0.2
failover interface ip state 10.0.0.1 255.0.0.0 standby 10.0.0.2

---------------F2

interface Ethernet3
no shutdown

failover
failover lan unit secondary
failover lan interface failover Ethernet3
failover lan enable
failover key *****
failover interface ip failover 10.1.0.1 255.255.255.0 standby 10.1.0.2

当F2配置好了以后，检测到Secondary开始发送配置同步。

成功测试过程：图中为15个点不能转发数据包，即30秒时间切换！