Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

FWSM module level failover

Hi,

We have two sites DC & DR, with two 6509 and two FWSM.

Data flow is Cloud----Extr RTR--- IntRTR---FWSM---MSFC---, with this we have Internet connection terminated on FWSM with multiple context,

All the Incoming traffic is taken care by BGP at ISP end for failover between DC & DR and we configured HSRP for outgoing traffic failover on IntRTR.

This is our failover scenario, now I want FWSM module level failover, between DC & DR using two independent links on DC & DR.

I am expecting service from DR FWSM in case of FWSM failure at DC but at the same time, I want to use DC Internet connection only. We will use DR link only in case of DC link failure.

Is it possible?

Thank you,

Dinesh

1 REPLY
Silver

Re: FWSM module level failover

The failover configuration requires two identical FWSMs connected to each other through a dedicated failover link and, optionally, a state link. The health of the active interfaces and units is monitored to determine if specific failover conditions are met. If those conditions are met, failover occurs.

Refer the URL below for the configuration guide of FWSM:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/fail_f.html

131
Views
0
Helpful
1
Replies
CreatePlease to create content