I am new to PIX and I would like to take the advantage of FO bundle (I learned it is the cheapest among all bundles). I am aware that I cant use Fo bundle as a standalone system (I read that it reboots once every 24 hours if I use it as a standalone firewall).
My question is I am planning to get both UR and FO bundles to operate in Active/Standby configuraiton with state sync. In case if Primary firewall (Here I mean UR bundle) goes down (Power failure), then FO PIX become active one and resumes traffic handling, until here I am clear....Question is what happens if I dont restore the failed UR bundle power in 24 hours, is FO going to reboot? or continues forwarding? as there is no UR beside it.
Good question and one that is often asked. The FO PIX will not reload every 24 hours *if* it is initially booted and is able to contact the active PIX with the UR license. Meaning, as long as failover is configured and cabled when the standby PIX is booted, the PIX will *not* reload every 24 hours even if left in active mode for longer than 24 hours. At this point, you can remove the orginal active PIX (UR license) and replace it if necessary. If for some reason the stand-by PIX (FO license) should reboot while the active PIX (UR license) is missing, the stand-by PIX will begin to reload every 24 hours. I hope this is clear but if not, please let me know.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...