Firewall Module with HSRP switches

Unanswered Question
Nov 4th, 2007

Hello ,

We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:

HSRP Configuration for switch 1;

Interface Vlan4

Description “VLAN Description”

Ip address 192.168.8.2 255.255.255.0

Standby 5 ip 192.168.8.1

Standby 5 timer 5 15

Standby 5 preempt

!

HSRP Configuration for switch 2;

Interface Vlan4

Description “VLAN Description”

Ip address 192.168.8.3 255.255.255.0

Standby 5 ip 192.168.8.1

Standby 5 timer 5 15

Standby 5 priority 50

Standby 5 preempt

Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.

Would you please assist me on Firewall configuration when i have HSRP running as per my config.

Regards,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vkapoor5 Fri, 11/09/2007 - 11:52

The transparent firewall feature greatly simplifies deployment in the data center for protecting hosts. The transparent firewalls also fit into existing networks with no Layer 3 changes and transparently pass Layer 3 traffic from routers, allowing interoperability with IP services such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), Multicast, and non-IP traffic such as Internetwork Packet Exchange (IPX), Multiprotocol Label Switching (MPLS), and bridge protocol data units (BPDUs).

abuatiya Fri, 11/09/2007 - 18:13

Hello vkapoor5 ;

Thanks alot for your suggestion to use transparent firewall mode, Would you please send me a sample configuration of protecting many VLANs in te data center by using transparent Mode.

I tried to find on Cisco web site but could not get any helpful sample.

Your support is appreciated.

Regards,

Actions

This Discussion