Re: [fw-wiz] PIX stateful failover and crossover cables
From: Kerry Thompson (kez_at_crypt.gen.nz)
Date: 01/19/05
- Previous message: Smith, Aaron: "RE: [fw-wiz] Exchange 2003 OWA security questions"
- In reply to: mkrbeck_at_hushmail.com: "[fw-wiz] PIX stateful failover and crossover cables"
- Next in thread: dave: "Re: [fw-wiz] PIX stateful failover and crossover cables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: mkrbeck@hushmail.com Date: Thu, 20 Jan 2005 08:02:40 +1300 (NZDT)
mkrbeck@hushmail.com said:
> I recall reading a detailed technical paper recently on the cisco
> site
> where it was recommended that pix stateful interface traffic always
> be passed thru a switch (as opposed to a x-over cable) between a
> pair of pix chassis, regardless of whether the deployment is
> serial cable or LAN failover, however I cannot find it again, would
> anyone have a link for it or a copy ??
http://www.cisco.com/warp/public/110/failover.html
There is good reasoning behind this. If you have a crossover cable and one
end fails ( or it is disconnected ), then the other end will also see the
loss of carrier and conclude that it has an interface failure.
Kerry
-- Kerry Thompson, CCNA CISSP Information Systems Security Consultant http://www.crypt.gen.nz _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Smith, Aaron: "RE: [fw-wiz] Exchange 2003 OWA security questions"
- In reply to: mkrbeck_at_hushmail.com: "[fw-wiz] PIX stateful failover and crossover cables"
- Next in thread: dave: "Re: [fw-wiz] PIX stateful failover and crossover cables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
