Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco IOS Firewall Cluster

Hello,

I am new to firewalling with Cisco devices and need a point in the right direction to create a failover cluster between two C2851 (12.24T) configured as a IOS Firewall. Any information, how to's or links would be appreciated.

Thanks

Michael

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Cisco IOS Firewall Cluster

Hi,

Not sure if this is what you're looking for, but you can configure Layer 3 redundancy with either HSRP, VRRP or GLBP to have two IOS routers work in conjunction. You can have one active and one standby or doing load-balancing depending on the protocol chosen and the configuration.

So, having two routers with L3 redundancy, allows the internal network (or VLANs) to use both routers to get out to the Internet.

If having IOS Firewall configured, then the routers work together to provide a fall-back mechanism in case of one router failing.

If one of the two router fails, you can have the other router assume the active role and pass all the traffic (most of the times without any interrumption of service for the end users).

There are optional features like tracking interfaces, preemption and adjusting timers to improve convergence.

Is this what you're looking for?

Federico.

2 REPLIES

Re: Cisco IOS Firewall Cluster

Hi,

Not sure if this is what you're looking for, but you can configure Layer 3 redundancy with either HSRP, VRRP or GLBP to have two IOS routers work in conjunction. You can have one active and one standby or doing load-balancing depending on the protocol chosen and the configuration.

So, having two routers with L3 redundancy, allows the internal network (or VLANs) to use both routers to get out to the Internet.

If having IOS Firewall configured, then the routers work together to provide a fall-back mechanism in case of one router failing.

If one of the two router fails, you can have the other router assume the active role and pass all the traffic (most of the times without any interrumption of service for the end users).

There are optional features like tracking interfaces, preemption and adjusting timers to improve convergence.

Is this what you're looking for?

Federico.

New Member

Re: Cisco IOS Firewall Cluster

Thanks Federico.

This was basically what i wanted to know and with your help i found a useful link in Cisco (https://learningnetwork.cisco.com/docs/DOC-1562 ).

Thanks

933
Views
0
Helpful
2
Replies