Hi,
We are in process of configuring FWSM failover. On cisco's website example is given with all the necessary commands.
I still have one doubt :(
Following is the configuration:
on FWSM
nameif 4000 failover 50
ip add failover 10.40.40.1 / 24
fail ip address failover 10.40.40.2 /24
fail lan int failover ( makes "failover" interface as failover interface and corresponding VLAN-in this case 4000 )
Now my doubt is if this VLAN 4000 is a failover interface over which all the connection tables and other signalling will be flowing for autofailover.
We will create VLAN 4000 and add it to this modeule vlan-group, by firewall vlan-group command. Do we need to add some ports to this vlan ( that is VLAN 4000) on both the switches and connect a cables between the corresponding ports.
For example : port gig2/5 will be made member of VLAN 4000 on both switches and connect a cable between these tow ports.
Or existing trunk which by default carries traffic for all VLAN's is sufficient.
Please share the experience.
Thanks in advance.
subodh