11-04-2007 11:47 AM - edited 03-09-2019 07:13 PM
Hello ,
We have implemented HSRP configuration between the core switches for 20 VLANs, as the following:
HSRP Configuration for switch 1;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.2 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 preempt
!
HSRP Configuration for switch 2;
Interface Vlan4
Description âVLAN Descriptionâ
Ip address 192.168.8.3 255.255.255.0
Standby 5 ip 192.168.8.1
Standby 5 timer 5 15
Standby 5 priority 50
Standby 5 preempt
Now, Only on the active core switch we have inserted a firewall Module to protect VLANs communication to each other while we dont have firewall on the standby switch. Im planning to implement firewall only on one switch if the VLAN fail the traffic will be diverted on the second switch without firewalling.
Would you please assist me on Firewall configuration when i have HSRP running as per my config.
Regards,
11-09-2007 11:52 AM
The transparent firewall feature greatly simplifies deployment in the data center for protecting hosts. The transparent firewalls also fit into existing networks with no Layer 3 changes and transparently pass Layer 3 traffic from routers, allowing interoperability with IP services such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), Multicast, and non-IP traffic such as Internetwork Packet Exchange (IPX), Multiprotocol Label Switching (MPLS), and bridge protocol data units (BPDUs).
11-09-2007 06:13 PM
Hello vkapoor5 ;
Thanks alot for your suggestion to use transparent firewall mode, Would you please send me a sample configuration of protecting many VLANs in te data center by using transparent Mode.
I tried to find on Cisco web site but could not get any helpful sample.
Your support is appreciated.
Regards,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: