cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
378
Views
0
Helpful
4
Replies

Active/Active Failover Config on PIX-version 7.2

acharyr123
Level 3
Level 3

I want to configure active/active on pix 525 having version 7.2. currently these 2 devices are configured without any failover mode.

I have 2 ISP, isp1 & isp2 . I want any outbound traffic will go via these 2 isp'2 in a load balancing method. means 1st packet will go via isp1 & 2nd from isp2.

I believe there will be only 1 IP on these 2 devices configured in active/active mode. So how the packet flow will be done & the config of the firewall is also required to be discussed.

can someone help me in this regard please??

4 Replies 4

opers13
Level 1
Level 1

for Active/Active, you must enable Security Context.

do a "sh ver" and check you Security Context licenses...

Active/Actice failover uses the security contexts so that both firewalls can be operational simultaniously. You need to ensure that you have the appropriate Failover and Context licenses on both devices.

In brief, during normal operation:

Firewall 1 is Active for Context A and Standby for Context B

Firewall 2 is Active for Context B and Standby for Context A

In case of failover, the surviving Firewall becomes Active for both Contexts.

Therefore each device needs to be connected identically to the appropriate LANS. Additioanly you should have a dedicated interface for the statefull traffic.

Also, the contexts must be in routed mode, not transparent for failover to operate.

Thanks Mark. Thats really a good idea that you shared with me. Can u please help me with some config guide for the same or some dummy config steps that i need to follow at the time of configuration.

Fist of all run "sh ver" on both devices, and ensure that everything is identical, hardware model, number of interfaces, failover licenses, encryption etc.

Cisco provide a basic active/active config here

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008045247e.html#wp1046980

** please rate posts if helpful **

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: