cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
363
Views
1
Helpful
6
Replies

Redundancy

ciscothejam00
Level 1
Level 1

Hi,

kindly check attached.

The network is up and running but without redundancy except fot he PIX failover.

I want to add redundancy at the core (HSRP) for the 3750.

I want also to work on the WAN routers.

he 2811 routers taking care of all the Bramch offices and i have 2 links from 2 different WAN providers.

Can you advice on the configuration that i need to do on the routers as well as the PIX.

on the other hand, i have a 3825 router that provider internet for the head office and a VSAT link to Nigeria, and i want to put a redundant router(2851) in case of any failure. Kindly advice on physical connection adn config... Does HSRP work in this case???

regards

Ffady

6 Replies 6

sean
Level 3
Level 3

I am still looking at this, but one thing I did notice is your PIX failover. If you are using 515Es and are trying to do statefull failover, your single point of failure will still be the single 2950 that both pixes are connected to. In addition to that, are the pixes connected with a cross-over cable for the statefull information? If this is true, then when the state interface fails, both interfaces will go down, causing both pixes to try and become active. I am still looking at the other items, but I hope this helps.

sean
Level 3
Level 3

For your 3750s, I would remove the 2950-12, as this is another single point of failure, and connect to the PIXs. I would also move your stateful connection to the 3750s to eliminate the redundancy problem that I stated earlier.

As long as your 3750s are handling the routing for the user vlans (SVIs) then you can do HSRP for each vlan with a unique standby group. Just set one up to preempt the other to anticipate normal traffic flow. Hope this helps.

sean
Level 3
Level 3

The 2811s can be setup with HSRP info for the routing from the PIXs. Just set the values so that the primary will preempt the secondary when it comes back. Hope this helps.

sean
Level 3
Level 3

For redundancy to the Internet and Nigeria, I see that you have a single 2950-12 that the links connect to. I assume that this is because you have a single connection to each of these locations. If so, you will not be able to provide redundancy in this area without working with your provider, as a second connection will be required. Hope this helps.

Hi!

Kindly;how we configuring this network regarding to the 2 pixes;2 cisco 2801(branches),to 3825,2851(hsrp group) that connected to the internet & to the vsat(nigeria)

10xs

Hi Sean,

1- as for the Switch between 2PIXs and the 3750 switch was meant so i don't lose interfaces on the PIX firewall.if i remove the switch that means that i need to use 2 interfaces on each PIX to go to each 3750 Switch.

2- As for the 3825/2851, the 2950-12 is used to concentrate the two links since it will be used at the same time. the situation now is the two links are coming straight to the 3825 and all i want to do is to provide redundancy at the Router level.

3- for the 2811 routers, i'll use another strategy, which you can find it attached. I'll use each router for a specific router, but i'm stuck on the configuration level on the PIX and the PIX.

Configuring the HSRP will be still valid???? how should i configure the PIX????

Please advice

regards

Fady

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco