Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

FWSM Failover

Hi,

This scenario involved 2 Cat6513 (CAT01 and CAT02) with FWSMs.

Will it trigger the failover if one of the VLAN interface in the CAT01 down, affecting network access to the end-users sitting on that particular VLAN?

Thanks.

AK

1 REPLY

Re: FWSM Failover

Hi,

The answer to this question is yes...if you only have 2 interfaces on the module. The FWSM uses the 50% rule to force a failover. That is, if 50% of the interfaces on the module are down, we will failover. The logic here is that while you might have a number of logical interfaces on the firewall, you are really using only one physical interface from the module to the switch. If an interface is down, it is more likely to be a config issue rather than a hardware issue. If a config issue, the same issue is likely to be persistent on the backup FWSM/switch as well. We are looking at making this percentage configurable in a future release but right now, this is hard-coded at 50%. Hope this helps.

Scott

110
Views
0
Helpful
1
Replies
CreatePlease to create content