Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HSRP Configuration Help Req

I wanted to configure my network for HSRP. I have two Catalyst 4507 as core switches which are connected with cisco pix firewall. Core switches are running HSRP and have dot1q trunnking enable.

Internet Routers are also running HSRP.

Firewall ports are connected in VLAN as access ports. No trunking on pix firewall ports.

I have attched the network digram for your review. On each VLAN I have given the standby IP address. That standby IP address is gw for firwall.

1. Will that configuration works or not.

2. Any limitation of firewall access port or trunk ports.

3. Vlan configuration is right or wrong as well as standby


Please help me out. I will be very greatful to you all.

I have attached the network diagram for your review

Hall of Fame Super Blue

Re: HSRP Configuration Help Req


1) Yes it should work fine

2) The ports are fine as access ports. Only time you may want to consider trunks is if you run out of physical interfaces.

3) Vlan configuration is fine.



New Member

Re: HSRP Configuration Help Req

Thanks for the reply, I have 4507 with 96 ports, so port limitation is not issue.

If you see my network diagram, can you tell me shall i also make the HSRP on switches located behind the Internet router.

Or only core switch redundeny and Internet Router redundency is enough.

What about Load balancing on core switches. With HSRP i will get only Redundency not the load balancing. I will maill you the whole configuration with proper steps.

Cisco Employee

Re: HSRP Configuration Help Req

Hi Wasim,

This configuration looks fine. I think as far as this site is concerned this redundancy is absolutely perfect.

Yes, with HSRP you have the once gateway only but in this case you can configure MHSRP and have both the switches load-share your traffic and work as active-active for the respective vlans that they will be routing for.

HTH,Please rate if it does.

-amit singh