Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

High Availability with Security design - Please help -

Hi all,

Could someone please validate the below proposed design per redundancy perspective:

BOM:

2 Cisco 4506 as core with Catalyst 4500 Supervisor IV (2 GE),Console(RJ-45)

2 Cisco 2821 series routers with 2821 w/ AC PWR,2GE,4HWICs,3PVDM,1NME-X,2AIM,IP

BASE,64F/256D

2 Cisco 3750 Distribution switches Catalyst 3750 12 SFP + IPB Image

10 Catalyst 3560 48 10/100 PoE + 4 SFP IPB Image access switch AND

2 ASA 5520 Appliance with SW, HA, 4GE+1FE, 3DES/AE including AIP-SSM 20.

SOW:

-- The two different ISP routers are connected with two Layer 2 switches. Is this right approach?

-- The two ASAs are configured in Active-Standby mode and connected to Layer-2 switch on 'outside' port.

-- The two 4506 switch configured with HSRP on LAN side and connected to both the ASAs on 'inside' port.

Let me write if i am wrong somewhere.

Thanks,

JBP

1 REPLY
New Member

Re: High Availability with Security design - Please help -

If you are going with BGP, upgrade the RAM on the 2821s...or move to 2851s.

What 2 layer 2 switches will you be using on the outside? I don't see any in your list...but that is fine, you could even use dumb switches on the outside...

109
Views
0
Helpful
1
Replies
CreatePlease to create content