Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

2960 redundancy


We have two Cisco 2960 TT-L switches. I'd like to reduce single points of failure and have dual servers for most tasks. For example, two firewall servers and two web servers. Should one server fail the other will act as a failover.

I'd like to extend the redundancy to the switches, and am thinking of connecting one web server to one switch, and one to the other. In the event a switch failed a set of servers would still run, and be able to talk to each other.

I'd like to run two VLANs, one for the LAN, and one of the WAN, and connect the two VLANs on each of the switches with the associated VLAN on the other switch.

I've created an example of this setup -- is this possible, and does anyone have any suggestions?



Everyone's tags (2)
Hall of Fame Super Bronze

2960 redundancy

Yes, it is possible but if the top switch goes down, you lose your redundancy to the WAN.

Planning to have multiple lease lines?

Are your FWs going to be configured for First Hop Redundancy for your LAN?

What device is performing the CPE function for the WAN? Any redundancy there?

2960 redundancy

Hi Edison,

Thank you for the reply. Good to know we're heading down the right track.

Yes, unfortunately the WAN is still a single point of failure with (currently) only one leased line connected to one of the switches. Our leased line has no backup provision (some offer failover to a broadband connection), and the CPE for the WAN is a Cisco 1800 series router with no redundancy.

I'm planning on using Linux-HA to switch between the primary and seconday firewalls. All traffic will only route to one or other firewall.


Hall of Fame Super Bronze

2960 redundancy

It's a good start towards the end goal. Need to start thinking about redundancy at the WAN.