server gateway address

770801tvdhaar · ‎02-10-2009

FWSM in multi context mode and routed mode.

I'm coming from checkpoint world and there we have VRRP gateways we handout to clients/servers. Going through a config guide for FWSM I see the following.

My quiestion is which address will be handed out to the clients/servers

interface vlan 201

nameif inside

security-level 100

ip address 10.0.3.1 255.255.255.0 standby 10.0.3.2

Jon Marshall · ‎02-10-2009

It would be the address assigned to the primary firewall - in your example from above 10.0.3.1. If the primary firewall fails over to the standby the address moves to the standby as well.

Jon

Tyrone Van Der Haar · ‎02-10-2009

Thanx!

Tyrone Van Der Haar · ‎02-11-2009

one last question, I suppose if I'm setting up a static route I point it to the active firewall and if that goes down the adddress is moved to the standby?

Just have to make sure:-)

Jon Marshall · ‎02-11-2009

Just have to make sure:-) - nothing wrong with that :-)

Yes, you would use the primary firewall IP address as the next-hop in your static route.

Jon