will primary PIX 515 MAC address move to the seconday PIX on failover?
We are currently, successfully running 2 PIX firewall 515s. Our outside interfaces connect to a Motarola Surfboard Cable Modem and than to our Lightpath cable ISP. We are running 6.0(1) OS. We have been told by Lightpath that if we connect a new device to the cable modem, that the modem must be powered off, than on, than the new device powered on. This is to capture the new MAC address at Lightpath. If it doesn't come up and work right away you may have to wait as long as an hour for the new MAC to be captured or we can call and have them clear the "Host table". Obviously, we don't do this often. However, we would like to instatute a failover PIX 515. I understand that the IP address of the outside interface will failover to the standby PIX but what happens to the MAC? Can we enter duplicate MAC addresses in both PIXs to override the Burned In Address as you can do in some routers? If not does this mean we cannot use failover with our cable ISP?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...