- Blue, 1500 points or more
Can you run GLBP on a PIX firewall?
Can you run GLBP on a 3750? ( I dont think so)
Alright, give us a chance, we brits work at a different pace you know :-)
Pix failover uses 2 IP addresses only. So in your diagram
F1 = 10.182.18.49
F2 = 10.182.18.50
These IP addresses are attached to the physical interfaces of your firewalls and you can telnet to either of them. The primary firewall, lets say F1 in this case, will respond to 10.182.18.49.
When V1 learns routes from E1 and V2 learns routes from E2 they both route via F1 which is using 10.182.18.49. And this is the address ytou would use as the next hop for both V1/V2 & E1/E2.
If the primary fails then the secondary firewall whose physical interface is still 10.182.18.50 will now becomes responsible for 10.182.18.49 and will accept packets destined for this address. So no you don't have to manually fail it over, the secondary just starts to answer to 10.182.18.49.
Is this what you need or are you wanting to understand exactly how Cisco do Pix failover ?
NR = Network Rail, UK compnay repsonsible for rail infrastructure (tracks, stations etc), in fact most things except the actual trains.
No to both....
The PIX/ASA uses failover to achieve redundancy so no HSRP or GLBP functionality.
The 3750 only supports HSRP, so no VRRP or GLBP unfortunately.