I have the following scenario and I really need your help on it: I'm trying to build the network design for a company that has 2 internet links (asymmetric links). The 2 standalone border routers will be followed by a tier of IPS and then by another tier of PIX firewalls.
I need your help in putting the network design together. I put together a draft diagram based on my thoughts and I'm attaching the draft network layout with this post; however, I have the following concerns with the setup:
1-Since both internet links will be active, both the IPS and FW should be in Active-Active mode so they can process the traffic coming from both router links. My concern on this point is the Active-Active setup of the PIX FW, because I'm aware that the Active-Active configuration is not mature and it's originally designed to support different internal subnets and not the same internal network. What do you think?
2-Is there a possibility that traffic that arrived from one internet link will leave the network from the other link?
3-How can I guarantee that the traffic that arrived through Router 1 in the diagram attached will be routed through interface 1 or interface 2?
Thanks for your cooperation; I appreciate your feedback.