Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

2 Pix's in Failover config working with BGP Peering

Hi, i have two Pix's, one Active the other failover - pointing to two routers (each connected to a different ISP configured with HSRP. My question is, obviously the PIX cannot run any dynamic protocols except RIP (which is not an option). i have a static route pointing to the VIP, is this enough to ensure routing provided one of my links goes down? How will the Pix behave when on ISP goes down or on Router goes down? Obviously, we have a public AS which is configured on both internal routers which are outside the pix connected to the ISP's routers.

2 REPLIES
New Member

Re: 2 Pix's in Failover config working with BGP Peering

Hi,

The pix firewall should be fine with this configuration. If a router fails or a link fails provided you have tracking configured on the routers to monitor the connection to the ISPs then this configuration should work fine. The pix will use the VIP as its default route which should be transferred from one router to the other incase of failures.

The following link provide a very detailed overview of configuring BGP across PIX firewalls and how to achieve redundancy in multihomed BGP and PIX environment.

http://www.cisco.com/warp/public/459/BGP-PIX.htm#intro

New Member

Re: 2 Pix's in Failover config working with BGP Peering

Thanks a million for you feedback!!

80
Views
0
Helpful
2
Replies