03-27-2007 01:51 AM - edited 02-21-2020 01:27 AM
Hi all,
I have basic question related to failover
of PIX. I know that when I want to do
PIX failover both devices should be the same related to HW. What on the other hand is better or more useful? Failover with Cisco Primary-Secondary cable or throught eth/fasteth. interfaces of PIX itself?
BR
jl
03-27-2007 02:36 AM
Hi
If the firewalls are within 6 feet of each other then the serial cable is a better bet for non stateful failover. This is because the standby can detect if the primary has lost power which is not detectable using an ethernet cable so failover takes longer. Also if you use an ethernet cable the switch becomes a single point of failure.
If you want to do stateful failover you have to use an ethernet cable. However this does not stop you using the serial cable for non-stateful failover as well.
HTH
Jon
03-27-2007 06:06 AM
Hi,
so does it mean that I can use both together?
Thanks,
jl
03-27-2007 06:13 AM
Hi
yes you can. If you want stateful failover you have to use an ethernet cable, the serial cable will not do stateful failover. However you can use the serial cable for non-stateful failover and the ethernet cable for stateful failover.
We do this where i work all the time.
HTH
Jon
03-27-2007 06:14 AM
You can use both together. When PIX was new, some use both because they experience problem using the serial cable alone - but this time I don't see the problem using the serial alone.
03-27-2007 11:42 PM
Hi all,
thanks a lot for help and explanation.
Ill do it both.
BR
jl
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide