Please find the attached diagram.
I want to route traffic to a web server. I'm using static routes pointing to a respective next-hop on a particular router. The firewall devices on the customer end are ASAs. The customer has asked for the preferred interface from firewall-1; I have configured that by increasing the local preference of the route.
The link between the distribution switches and the core is MPLS and the customer is configured in the VRF.
Now the issue is:
The customer says that when firewall-1 fails, firewall-2 will become active with the same inside interface IP as firewall-1. If so, then all the traffic destined to the web server from switch-2 to next-hop 10.28.50.42 will drop. So in this situation, what techniques should we apply?
Any link or book which will help me.
I have ZERO expanded knowledge of firewalls, only basic.
Unfortunately, a common IP subnet is needed for these failover scenarios: because the standby device has to take the same IP address as the active one, they must be in the same IP subnet.
I can say we have multilayer switches acting as PE nodes and with connections to firewalls.
If your devices are routers, you would need to deploy two LAN switches in the middle with an L2 trunk between them.
But they look to be multilayer switches.
Remove the routed ports and give the IP address to an SVI VlanX; you can put the SVI under the VRF, we do this commonly.
The routed port becomes a switchport, an access port in VLAN X.
Hope to help
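
The routed-port-to-SVI change described in the reply, sketched as a Cisco IOS configuration fragment. This is an added example, not configuration posted by either participant; the VLAN number, VRF name, interface names and every `<...>` value are assumed placeholders, and the layer-2 trunk between the two switches is an assumption about the topology in the missing diagram. Only the next-hop 10.28.50.42 comes from the thread.

```cisco
! --- Before (assumed): routed port toward firewall-1 on switch-1 ---
! interface GigabitEthernet1/0/1
!  no switchport
!  vrf forwarding CUSTOMER
!  ip address <switch-1-ip> <mask>

! --- After: same on switch-1 and switch-2, each with its own SVI IP ---
! VLAN 100 stands in for "VLAN X" (assumed number)
vlan 100
 name FW-INSIDE
!
! The IP moves from the routed port to the SVI, still inside the VRF.
! Older IOS releases use "ip vrf forwarding CUSTOMER" instead.
interface Vlan100
 description Inside segment shared by firewall-1 and firewall-2
 vrf forwarding CUSTOMER
 ip address <this-switch-svi-ip> <mask>
 no shutdown
!
! The former routed port becomes an access port in VLAN X
interface GigabitEthernet1/0/1
 description To local ASA inside interface
 switchport
 switchport mode access
 switchport access vlan 100
!
! Assumed inter-switch link: carries VLAN X so both firewalls
! and both SVIs sit in one subnet
interface GigabitEthernet1/0/24
 description L2 trunk to the other distribution switch
 switchport mode trunk
 switchport trunk allowed vlan 100
!
! The static route keeps the same next-hop on both switches; after
! failover the active IP is answered by firewall-2 on the same VLAN.
ip route vrf CUSTOMER <web-server-prefix> <mask> 10.28.50.42

! Checks after the change and after a failover test:
!  show ip route vrf CUSTOMER <web-server-prefix>
!  show ip arp vrf CUSTOMER 10.28.50.42
!  show mac address-table vlan 100
```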