High Availability with Security design - Please help -

Unanswered Question
Jun 24th, 2008
User Badges:

Hi all,


Could someone please validate the below proposed design per redundancy perspective:


BOM:


2 Cisco 4506 as core with Catalyst 4500 Supervisor IV (2 GE),Console(RJ-45)

2 Cisco 2821 series routers with 2821 w/ AC PWR,2GE,4HWICs,3PVDM,1NME-X,2AIM,IP

BASE,64F/256D

2 Cisco 3750 Distribution switches Catalyst 3750 12 SFP + IPB Image

10 Catalyst 3560 48 10/100 PoE + 4 SFP IPB Image access switch AND

2 ASA 5520 Appliance with SW, HA, 4GE+1FE, 3DES/AE including AIP-SSM 20.


SOW:


-- The two different ISP routers are connected with two Layer 2 switches. Is this right approach?

-- The two ASAs are configured in Active-Standby mode and connected to Layer-2 switch on 'outside' port.

-- The two 4506 switch configured with HSRP on LAN side and connected to both the ASAs on 'inside' port.


Let me write if i am wrong somewhere.


Thanks,


JBP

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
trippi Mon, 06/30/2008 - 18:16
User Badges:

If you are going with BGP, upgrade the RAM on the 2821s...or move to 2851s.

What 2 layer 2 switches will you be using on the outside? I don't see any in your list...but that is fine, you could even use dumb switches on the outside...


Actions

This Discussion