automatic switching of routes through router

Mar 16th, 2007

Hello,

Is there a way, e.g.:

We have 2 separate FW 515E connecting to the same company, one being the pri connection and the other being the backup connection. These FWs are connecting to the core SW, which is also connected to internal core route 3361. Suppose the pri link fails, and YES, the router should be able to identify the unreachable destination and immediately shift to the back link through the 2nd FW.

Both FWs have the same destination addresses, so you cannot tell the router that if not this then that, or vice versa.

I hope my point is clear enough as to what I am trying to achieve here.

Danilo Dy Fri, 03/16/2007 - 22:20

Is your FW in an HA configuration or a standalone configuration?

If they are in an HA configuration, no change is necessary. If they are both in a standalone configuration, configure a floating static route in the router.


Can you post the topology diagram showing the connections end-to-end?
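
The floating static route suggested above, written out as an added example (not part of the original posts). It goes one step further and ties the primary route to an IP SLA probe, because with a switch between the router and the firewalls the router's own interface stays up when the primary firewall's far-side link fails. Assumptions: all addresses are constructed, each PIX has its own inside address, the primary path permits ICMP echo to the probe target, and the router runs an IOS release with the `ip sla` / `track ... ip sla` syntax (older releases use `ip sla monitor` and `track ... rtr`).

```cisco
! Constructed addressing (assumptions, not taken from the thread):
!   192.168.1.1   primary PIX inside address
!   192.168.2.1   backup PIX inside address
!   10.50.0.0/16  partner network reachable through either PIX
!   10.50.0.10    partner-side host that answers ICMP echo
!
! Pin the probe target to the primary path so the probe always tests that link.
ip route 10.50.0.10 255.255.255.255 192.168.1.1
!
! Send an ICMP echo to the probe target every 5 seconds.
ip sla 1
 icmp-echo 10.50.0.10
 frequency 5
ip sla schedule 1 life forever start-time now
!
! Track object 1 is up while the probe succeeds; the delays damp flapping.
track 1 ip sla 1 reachability
 delay down 10 up 30
!
! Primary route: installed only while track object 1 is up.
ip route 10.50.0.0 255.255.0.0 192.168.1.1 track 1
!
! Floating static route: administrative distance 250, so it enters the
! routing table only after the primary route has been withdrawn.
ip route 10.50.0.0 255.255.0.0 192.168.2.1 250
```

Because of the pinned host route, traffic to the probe target itself always uses the primary path and does not fail over.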



zulqurnain Sat, 03/17/2007 - 04:22

hello,


the FW are not in HQ configuration just standalone



zulqurnain Tue, 03/20/2007 - 04:52

hello everybody,


any hope to see the light. i mean any ideas or thoughts would be really helpful

sadcock123 Tue, 03/20/2007 - 05:18

OK, I am not sure if this would work, but here goes.


On the router do the following:-


interface gi1/0/1
 ip address "Primary PIX"
 ip address "secondary Pix" secondary


The secondary will be on a different subnet.


Have a static route with an AD that is higher than connected (which it will be anyway, as connected is 0 and static is 1) for the Primary Pix subnet to route to the secondary Pix.

You will have to change the config on the secondary for statics and so forth, but at a glance that might just work.


The problem at a glance with having the same IP as the primary is ARP for example and when to know to go to a different device.


How are you doing this on the inside interface, as you will have an ARP issue there, unless you use a L3 device to route everything to .1 but have .2 with a higher AD?


Also, the same will have to be done for DMZs and so forth.


Sorry if this does not work, just a quick idea.


Cheers


Steven


