We are upgrading from active/standby configuration to active/active. What would be the best way to load-balance from the Core 65xx perspective? The firewall's are not running any routing-protocol or VRRP. The Core is running OSPF & CEF. Thanks!
For both CheckPoint and Juniper active/active state, run OSPF in the firewall. In the core, run OSPF load-balancing.
The firewall should see equal path to 2xcore to achieved load balancing in the core (outgoing traffic from Firewall). Do note that the incoming traffic to firewall is already load balancing no matter what is the routing configuration.
Don't forget to put a rule on top of the policy for OSPF connection between firewall and core. That is;
FW-OSPF_ID (if available, I can't remember if Juniper need this but CheckPoint need this)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...