ACE module, redundant access to firewall from 2 sites

Unanswered Question
Apr 17th, 2008
User Badges:

Hi Folks,

I need to provide internal devices with active-active access to our clustered firewall which sits across 2 data centres.


I need to allow internal hosts to reach external/unknown networks via a default route.


We have ACE modules in our internal network aggregation 6513s at each site.


I aim to achieve this using RHI...ie...device at site 1 reaches the internet via firewall at site 1, device at site 2 reaches internet via firewall at site 2 (due to better route). If the firewall is inaccessible from site 2, ACE at site 2 removes the route from the MSFC using RHI and site 2 device traffic is re-routed to the site 1 exit point.


Has anyone out there done this before?


Regards, Steve.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
stevek1 Sun, 04/20/2008 - 17:48
User Badges:

Hi Folks,


It's Steve here again. I haven't had a response to my query as yet, but basically I need to know the validity of using ACE RHI to inject a default route as opposed to a host route.


Can anyone please advise?


Best Wishes, Steve.

Actions

This Discussion