Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

high availablility firewalls and edge router

We have two core 6509 switchs running HSRP.

We have two firewalls in active/standby roles and want to implement a high availablility structure with the core switches, firewalls and edge router.

In order to do this, I believe the inside interface of each firewall should go to each core switch, then have a seperate DMZ switch for each firewall, with redundant connections from the servers to each DMZ.

My question involves the Internet edge router and MPLS router.

Is there any way to have the Internet edge router have dual connection to the firewalls, and MPLS router?

How is this normally done?

1 REPLY
Community Member

Re: high availablility firewalls and edge router

Run HSRP between the 2 2900 switches you have there for redundancy between them. Connect these 2 switches together too. Connect the edge router to any one of these switches. On your active firewall put default route to the HSRP ip address configured for the 2900 switches. On 2900 switches you should have a default route to the edge router.

Raman

141
Views
0
Helpful
1
Replies
CreatePlease to create content