high availablility firewalls and edge router

Unanswered Question
Apr 25th, 2008

We have two core 6509 switchs running HSRP.

We have two firewalls in active/standby roles and want to implement a high availablility structure with the core switches, firewalls and edge router.

In order to do this, I believe the inside interface of each firewall should go to each core switch, then have a seperate DMZ switch for each firewall, with redundant connections from the servers to each DMZ.

My question involves the Internet edge router and MPLS router.

Is there any way to have the Internet edge router have dual connection to the firewalls, and MPLS router?

How is this normally done?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rkalia1 Sat, 04/26/2008 - 15:07

Run HSRP between the 2 2900 switches you have there for redundancy between them. Connect these 2 switches together too. Connect the edge router to any one of these switches. On your active firewall put default route to the HSRP ip address configured for the 2900 switches. On 2900 switches you should have a default route to the edge router.



This Discussion