I have two Firewalls ( PIX and ASA ) connected each with a Router which is connected to ISP.
I am looking to have Failover over between these two Firewalls so that internet traffic should auto
divert when one of the ISP fails.
I am struck at the following points -
1) I have connected PIX and ASA using DMZ4 and DMZ1 respectively using same security and ICMP allowed on both FW.
But i am still not able to PING between them.
2) ASA FW which is connected to Internet facing router has been used as primary internet and backup Internet will be PIX FW which is facing towards another ISP..
Hence i wanted to know what all comands( NAT/routing) i should use at ASA so that when priamay ISP link down it should divert to Secondary ISP.
Currently Tracking is only configured towards priamry ISP end Ip address and still not towards Secondary ISP. hence my query is
should i point my tracking as secondary ISP FW or my next PIX outside IP .
Thanks for your all advise and posts.