We have two firewalls in active/standby roles and want to implement a high availablility structure with the core switches, firewalls and edge router.
In order to do this, I believe the inside interface of each firewall should go to each core switch, then have a seperate DMZ switch for each firewall, with redundant connections from the servers to each DMZ.
My question involves the Internet edge router and MPLS router.
Is there any way to have the Internet edge router have dual connection to the firewalls, and MPLS router?
Run HSRP between the 2 2900 switches you have there for redundancy between them. Connect these 2 switches together too. Connect the edge router to any one of these switches. On your active firewall put default route to the HSRP ip address configured for the 2900 switches. On 2900 switches you should have a default route to the edge router.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...