Failover and PIX.

Unanswered Question
Mar 27th, 2007

Hi all,

I have basic question related to failover

of PIX. I know that when I want to do

PIX failover both devices should be the same related to HW. What on the other hand is better or more useful? Failover with Cisco Primary-Secondary cable or throught eth/fasteth. interfaces of PIX itself?

BR

jl

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 03/27/2007 - 02:36

Hi

If the firewalls are within 6 feet of each other then the serial cable is a better bet for non stateful failover. This is because the standby can detect if the primary has lost power which is not detectable using an ethernet cable so failover takes longer. Also if you use an ethernet cable the switch becomes a single point of failure.

If you want to do stateful failover you have to use an ethernet cable. However this does not stop you using the serial cable for non-stateful failover as well.

HTH

Jon

Jon Marshall Tue, 03/27/2007 - 06:13

Hi

yes you can. If you want stateful failover you have to use an ethernet cable, the serial cable will not do stateful failover. However you can use the serial cable for non-stateful failover and the ethernet cable for stateful failover.

We do this where i work all the time.

HTH

Jon

Danilo Dy Tue, 03/27/2007 - 06:14

You can use both together. When PIX was new, some use both because they experience problem using the serial cable alone - but this time I don't see the problem using the serial alone.

johnleeee Tue, 03/27/2007 - 23:42

Hi all,

thanks a lot for help and explanation.

Ill do it both.

BR

jl

Actions

This Discussion