Re: [fw-wiz] PIX Failover & Other Queries
- From: "Paul Melson" <pmelson@xxxxxxxxx>
- Date: Wed, 11 Oct 2006 11:04:55 -0400
-----Original Message-----
Subject: [fw-wiz] PIX Failover & Other Queries
Is it possible to have to firewalls in a failover set failover as normal,but have the failover Pix have
a different outside IP address?
No.
What about upgrading the licence from FO to UR - would that allow it?
No.
The best possible solution I've managed to come up with so far, is to havetwo routers (or L3 switches)
- just outside each of the Pix's - configured for HSRP. If the main linkgoes down, what I would like to
happen is for the other router to take over via HSRP, and for the firewallpair to failover to the
backup. Does that sound feasible?
This is probably your best option. Whether you use OSPF and HSRP between
the routers or go to BGP to load-share across the two connections, using
routers outside the PIX's is the best way to get redundant paths with
different IP addresses.
PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] PIX Failover & Other Queries
- From: James Burns
- [fw-wiz] PIX Failover & Other Queries
- Prev by Date: Re: [fw-wiz] firewall-wizards Digest, Vol 6, Issue 4
- Next by Date: [fw-wiz] PIX 535: High CPU, High-Latency
- Previous by thread: [fw-wiz] PIX Failover & Other Queries
- Next by thread: Re: [fw-wiz] firewall-wizards Digest, Vol 6, Issue 4
- Index(es):
