I have to configure failover Active/Standby on my ASA 5510.
I am wondering how i could do for the outside interface, i mean, actually the ASA1--outside interface is linked directly to our Internet router.
So now if i have to add ASA2 connecting to that router i will need a switch between them.
I have already a switch for DMZ & LAN.
The thing is that i will have to allow 3 switchs ports to communicate with each others.
- 1 for ASA1--outside
- 1 for ASA2--outside
- 1 for Internet router
How could i isolate these 3 ports to make them communicate alone ? Should i use VLAN for that ?
And if i use VLAN, will this require to make any change of configuration on my firewalls (ASA1 & ASA2) outside interface ?
I am a bit lost with this, if i am correct i will not have to do some "vlan tagging" on the firewall itself ?
Thank you for your answer.