Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

FWSM Bridge Mode

Just found out a requirement I did not know about.

I had failover set up for FWSM across two 6500 chassis. Things worked great....except failover between the two chassis took about 4 seconds. I tested and each of five failovers I had a user drop about 3-5 pings before the standby FWSM took over.

So, it looks like I need to take the default gateways off the FWSM and go back to HSRP.

Has anyone had any success with FWSM in bridge mode?

I am going to start scouring the site for links right now but thought I would ask here first.

Thanks!

James

2 REPLIES

Re: FWSM Bridge Mode

Sounds about right, even if you use the lowest hello timers (500mS) it will still spend 3-4 seconds before a failover accours, interface down detection can be optimized by using the autostate feature in the switch, which does not work in VSS setups.

Community Member

Re: FWSM Bridge Mode

I will be running SSO fail over. I have redundant Supes in each of two chassis. I will not be running VSS mode because customer is not comfortable with it.

162
Views
0
Helpful
2
Replies
CreatePlease to create content