LAN-based failover

Unanswered Question
Jan 28th, 2004
User Badges:

Hi


Regarding LAN-based failover in PIX'es


- is it possible and supported, having multiple failover installation in same subnet/vlan or should each set of PIX'es have their own subnet/VLAN ?


Thanks in advance.


-

Christian

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
scoclayton Wed, 01/28/2004 - 08:00
User Badges:
  • Gold, 750 points or more

Christian,


Same subnet - No

Same Vlan - Yes although not advised


Each interface on the PIX must be in a unique subnet. You can however connect multiple interfaces to the same backend VLAN but I don't know why you would really want to. To be ultra secure, each interface on the primary PIX *should* connect to the stand-by PIX via a seperate switch. In some cases, this is not feasible however so creating seperate VLAN's on 1 or 2 physical switches will also work.


Hope this makes sense.


Scott

Actions

This Discussion