cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
766
Views
5
Helpful
6
Replies

PIX 515E failover

rmartinjr24
Level 1
Level 1

I have a pair of PIX 515E (6.3) running in failover mode. They are currently connecting to a single chassis core. We are upgrading our network with dual 6500's at the core. Is there a way to connect each PIX to a separate core (PIX 1 - Core1, PIX 2 - Core2) to allow for a core failure?

Core 1 and Core 2 will have a L2 link between them. If the current active PIX is connected to Core1, and Core 1 dies, this would not cause the failover PIX to take over. All LAN traffic would be going through Core 2, but since it does not have an active path to the active PIX 1, traffic would drop. Is my thinking correct?

Is there a way to connect the PIX's to dual cores running V6.3?

1 Accepted Solution

Accepted Solutions

Hi,

If you are using cable-based failover, you can change to LAN based failover.

Read http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html#wp1024836

I hope this helps.

Best regards.

Massimiliano.

View solution in original post

6 Replies 6

Hi,

If you are using cable-based failover, you can change to LAN based failover.

Read http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/failover.html#wp1024836

I hope this helps.

Best regards.

Massimiliano.

We are using cable based. I will look into the LAN based.

Thanks

You're welcome,

Massimiliano.

When running LAN based failover, I see the statefull link only needs two addresses, so I can use a /30 network.

Will the failover network ever need more than 2 addresses? I'm trying to determine which network to carve up for my failover since we are re-addressing as part of this upgrade.

No.

And in fact you could use any network you want (1.1.1.0/30, 192.168.0.0/24...) as you will (should) never route traffic on that network.

Don't forget to trunk that vlan between the two 6500.

thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: