7603 w/ethernet switch module and FWSM ques.

Unanswered Question

I have a client that would like to implement 2 7603's at their internet edge. They will be connecting to 2 isp's and advertising bgp. They would like to use the 2 7603's with 48 port gigabit ethernet switch modules and a fwsm's as their entire internet edge. For some reason, they don't want to layer with Router > switch > firewall....don't ask..i've argued with them but they don't listen. The 2 routers will connect to dual 6506's w/sup720' which will act as the core. Is it possible to trunk the two routers together? im thinking i can terminate each isp link into a layer 3 port, then create a vlan where the outside interface of the fwsm will sit, I believe i can run the fwsm in multiple context mode which will allow fw to run active/active, not sure if this would be the best mode for this configuration. Since they will be taking the default route only i can probably just redistribute the default route via ospf or eigrp into fw. Does anyone have experience with 7603's w/ethernet switchmodule and dual fwsm's? I want to make sure this will work without layering multiple devices.

any ideas, thoughts or suggestions would be appreciated. Thanks.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jsivulka Fri, 11/23/2007 - 12:09

Yes it is possible to trunk the two routers together but While i pings from outside it did not worked. If I ping the default gateway (FWSM interface) from the real server, the FWSM responds and the pings from the outside suddenly restart.


This Discussion