Re: [fw-wiz] pix 515 failover
From: Carson Gaspar (carson@taltos.org)
Date: 09/06/02
- Next message: Jamie Gillespie: "Re: [fw-wiz] pix 515 failover"
- Previous message: Carson Gaspar: "Re: [fw-wiz] Application Proxy/L7 Firewall Recommendation?"
- In reply to: barry: "[fw-wiz] pix 515 failover"
- Next in thread: Jamie Gillespie: "Re: [fw-wiz] pix 515 failover"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Carson Gaspar <carson@taltos.org> To: firewall-wizards@honor.icsalabs.com Date: Fri Sep 6 06:19:27 2002
--On Friday, September 06, 2002 9:58 AM +0800 barry
<Barry.Haycock@b-online.com.au> wrote:
> i can setup the failover no problems but my question is
> when the pix fails over does the second one assume the ip address
> assigned to the interface on the primary or does it use the address
> assigned under the failover command for that interface.
>
> if the interface assumes the address assigned under the failover command
> how does one go about routing from a router etc to the firewall??
It's been a while, but I'm fairly certain the the standby PIX assumes both
the IP and MAC addresses of the active PIX during failover. I think it also
does a gratuitous ARP to update the CAM tables in the switches.
A simple network capture would answer this for certain.
-- Carson
- Next message: Jamie Gillespie: "Re: [fw-wiz] pix 515 failover"
- Previous message: Carson Gaspar: "Re: [fw-wiz] Application Proxy/L7 Firewall Recommendation?"
- In reply to: barry: "[fw-wiz] pix 515 failover"
- Next in thread: Jamie Gillespie: "Re: [fw-wiz] pix 515 failover"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
