I having the following PIX 515e firewalls at the Head Office.
1. Active PIX 515 E is having 6.3(5) IOS,16 MB Flash and 128 MB RAM with UR license with Failover .
2.The Standby PIX 515 e is having the 6.3 (5) IOS,16 MB Flash and 128 RAM with FO License.
Now I have 48 small branches accross the country all used to connect to the Head Office through the IPSec tunnel.
Now my problem is Fail Over configuration.
I know two method of configuring the Failover
1. Cable Based Failover
2.LAN based fail over.
My doubt is it possibel to have the Link State in Cale based Failover?If so how t do it?
In LAN based is o.k,e0 interface for OUTSIDE,e1 for INSIDE,e2 for Link STATE and e3 for FAILOVER.
In either case what is the IP address to be given for the OUTSIDE interface,if it not the SAME IP ADDRESS then VPN client connectivity will be problem if the PRIMARY (Active) firewall is down,because the VPN tunnels are established to teh PUBLIC IP address of the PRIMARY firewall,if the Secondary (Standby) fireall's OUTSIDE interface is not having the same IP Address as teh Primary then the VPN Client will not be able to connect through the VPN.
Please guide me to configure failover to meet my requirement that i sall my VPN clients should be able to connect to the seondary file wallif teh Primary firewall fails.