Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Redundancy

Hi,

kindly check attached.

The network is up and running but without redundancy except fot he PIX failover.

I want to add redundancy at the core (HSRP) for the 3750.

I want also to work on the WAN routers.

he 2811 routers taking care of all the Bramch offices and i have 2 links from 2 different WAN providers.

Can you advice on the configuration that i need to do on the routers as well as the PIX.

on the other hand, i have a 3825 router that provider internet for the head office and a VSAT link to Nigeria, and i want to put a redundant router(2851) in case of any failure. Kindly advice on physical connection adn config... Does HSRP work in this case???

regards

Ffady

6 REPLIES
Bronze

Re: Redundancy

I am still looking at this, but one thing I did notice is your PIX failover. If you are using 515Es and are trying to do statefull failover, your single point of failure will still be the single 2950 that both pixes are connected to. In addition to that, are the pixes connected with a cross-over cable for the statefull information? If this is true, then when the state interface fails, both interfaces will go down, causing both pixes to try and become active. I am still looking at the other items, but I hope this helps.

Bronze

Re: Redundancy

For your 3750s, I would remove the 2950-12, as this is another single point of failure, and connect to the PIXs. I would also move your stateful connection to the 3750s to eliminate the redundancy problem that I stated earlier.

As long as your 3750s are handling the routing for the user vlans (SVIs) then you can do HSRP for each vlan with a unique standby group. Just set one up to preempt the other to anticipate normal traffic flow. Hope this helps.

Bronze

Re: Redundancy

The 2811s can be setup with HSRP info for the routing from the PIXs. Just set the values so that the primary will preempt the secondary when it comes back. Hope this helps.

Bronze

Re: Redundancy

For redundancy to the Internet and Nigeria, I see that you have a single 2950-12 that the links connect to. I assume that this is because you have a single connection to each of these locations. If so, you will not be able to provide redundancy in this area without working with your provider, as a second connection will be required. Hope this helps.

New Member

Re: Redundancy

Hi!

Kindly;how we configuring this network regarding to the 2 pixes;2 cisco 2801(branches),to 3825,2851(hsrp group) that connected to the internet & to the vsat(nigeria)

10xs

New Member

Re: Redundancy

Hi Sean,

1- as for the Switch between 2PIXs and the 3750 switch was meant so i don't lose interfaces on the PIX firewall.if i remove the switch that means that i need to use 2 interfaces on each PIX to go to each 3750 Switch.

2- As for the 3825/2851, the 2950-12 is used to concentrate the two links since it will be used at the same time. the situation now is the two links are coming straight to the 3825 and all i want to do is to provide redundancy at the Router level.

3- for the 2811 routers, i'll use another strategy, which you can find it attached. I'll use each router for a specific router, but i'm stuck on the configuration level on the PIX and the PIX.

Configuring the HSRP will be still valid???? how should i configure the PIX????

Please advice

regards

Fady

109
Views
1
Helpful
6
Replies