Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX Failover with DMZ

I have heard from a colleague of mine that there may be some issues with a failover setup and using a DMZ. Can anyone give me a configuration example or other wise direct me?

Thanks,

Philip-

2 REPLIES
Cisco Employee

Re: PIX Failover with DMZ

Hi,

We have not heard of any such thing. If you are using statefull failover, then use a separate interface other then DMZ for failover updates.

Here is the link for failover.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/advanced.htm#10796

Config for DMZ are similiar to configuring inside/outside

Thanks

Nadeem

New Member

Re: PIX Failover with DMZ

Also, make sure both firewalls in the failover pair have a DMZ interface. Then make sure both DMZ interfaces can connect on the same LAN. The firewalls must poll and answer each other on EVERY interface that is in use, or failover can be triggered.

DaveH

117
Views
0
Helpful
2
Replies