server gateway address

Unanswered Question
Feb 10th, 2009

FWSM in multi context mode and routed mode.

I'm coming from checkpoint world and there we have VRRP gateways we handout to clients/servers. Going through a config guide for FWSM I see the following.

My quiestion is which address will be handed out to the clients/servers

interface vlan 201

nameif inside

security-level 100

ip address 10.0.3.1 255.255.255.0 standby 10.0.3.2

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Jon Marshall Tue, 02/10/2009 - 07:27

It would be the address assigned to the primary firewall - in your example from above 10.0.3.1. If the primary firewall fails over to the standby the address moves to the standby as well.

Jon

Tyrone Van Der Haar Wed, 02/11/2009 - 00:16

one last question, I suppose if I'm setting up a static route I point it to the active firewall and if that goes down the adddress is moved to the standby?

Just have to make sure:-)

Jon Marshall Wed, 02/11/2009 - 02:24

Just have to make sure:-) - nothing wrong with that :-)

Yes, you would use the primary firewall IP address as the next-hop in your static route.

Jon

Actions

This Discussion