04-24-2010 10:06 PM - edited 03-11-2019 10:37 AM
Hello,
I am new to firewalling with Cisco devices and need a point in the right direction to create a failover cluster between two C2851 (12.24T) configured as a IOS Firewall. Any information, how to's or links would be appreciated.
Thanks
Michael
Solved! Go to Solution.
04-24-2010 10:52 PM
Hi,
Not sure if this is what you're looking for, but you can configure Layer 3 redundancy with either HSRP, VRRP or GLBP to have two IOS routers work in conjunction. You can have one active and one standby or doing load-balancing depending on the protocol chosen and the configuration.
So, having two routers with L3 redundancy, allows the internal network (or VLANs) to use both routers to get out to the Internet.
If having IOS Firewall configured, then the routers work together to provide a fall-back mechanism in case of one router failing.
If one of the two router fails, you can have the other router assume the active role and pass all the traffic (most of the times without any interrumption of service for the end users).
There are optional features like tracking interfaces, preemption and adjusting timers to improve convergence.
Is this what you're looking for?
Federico.
04-24-2010 10:52 PM
Hi,
Not sure if this is what you're looking for, but you can configure Layer 3 redundancy with either HSRP, VRRP or GLBP to have two IOS routers work in conjunction. You can have one active and one standby or doing load-balancing depending on the protocol chosen and the configuration.
So, having two routers with L3 redundancy, allows the internal network (or VLANs) to use both routers to get out to the Internet.
If having IOS Firewall configured, then the routers work together to provide a fall-back mechanism in case of one router failing.
If one of the two router fails, you can have the other router assume the active role and pass all the traffic (most of the times without any interrumption of service for the end users).
There are optional features like tracking interfaces, preemption and adjusting timers to improve convergence.
Is this what you're looking for?
Federico.
04-24-2010 11:57 PM
Thanks Federico.
This was basically what i wanted to know and with your help i found a useful link in Cisco (https://learningnetwork.cisco.com/docs/DOC-1562 ).
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide