Hi All, pardon me if this question is too easy for the firewall gurus out there. I need to integrate a second firewall for redundancy in my production environment to separate a customer network. All I know is the virtual IP for the pair of customer gateways (3845) running HSRP, and the return traffic from the customer network is directed to a single IP a.b.c.d (from the transit network).
The single ASA in production has the outside interface configured with the IP a.b.c.d and has a static route to direct all traffic to the virtual IP. This interface is directly connected to one of the gateways.
Remember, the customer network can only send traffic back on IP a.b.c.d.
The second GW interface on the transit network is not currently connected. Now what is the best way to introduce the second ASA without affecting production?
Thank you in advance.