Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

HSRP Configuration

I wanted to configure my network for HSRP. I have two Catalyst 4507 as core switches which are connected with cisco pix firewall. Core switches are running HSRP and have dot1q trunnking enable.

Internet Routers are also running HSRP.

Firewall ports are connected in VLAN as access ports. No trunking on pix firewall ports.

I have attched the network digram for your review. On each VLAN I have given the standby IP address. That standby IP address is gw for firwall.

1. Will that configuration works or not.

2. Any limitation of firewall access port or trunk ports.

3. Vlan configuration is right or wrong as well as standby


Please help me out. I will be very greatful to you all.


Re: HSRP Configuration

The topology seems to be good in terms of achieving redundancy..

Make sure you have preempt configuration under HSRP for the routers and the L3

The only problem (to which i do not have a solution) is that if the firewall detects a link failure on the failover interface, both will try to failover thereby dropping traffic. hence sometimes it is recommended to have the failover interface connected via a switch so that one side link failover does not cause the link to go down on the secondary firewall but again the situation can be same if the switch itself fails



New Member

Re: HSRP Configuration

Thanks for the reply, I am using serial cable fail over in pix firewall.

Can you tell me if I will make the trunk between core switch and firewall, what will happen, any benefit.

I will send you the complete configuration of HSRP for your review so that u can tell me what is wrong in configuration.

would u recomend me about Load Balancing in core switch. right now i gave u configuration of HSRP not load balancing.

Core switch will have the same vlans. How i will configure load balancing.

My Internet routers will have two links, with HSRP one router will be tottally idle.

Right now i m using PBR, Will PBR still work

when i will configure the HSRP.