Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Second LAN card on Models 1841 an 1941


When two Routers  Models  1941 (Main Router)    and  1841 work connected with HSRP,   and  a second LAN card is added to each one of them

If  i connect  the  GE 0/1  and  Fe 0/1   of each of one of them   To FireWall1 (in cluster with FireWall2)


i  connect the  second LAN  (Added)  of each one   To  FireWall2  (in cluster with FireWall1)

If  FireWall1 will failure ,  

How can  Router 1941 know, to move traffic  from GE 0/1  to the second LAN card connected to FireWall2 (which is in charge now, by cluster definition)


New Member

Second LAN card on Models 1841 an 1941

Hi Ariel, in firewall point of view, Firewall Cluster knows only one IP address and it doesn't care which device is currently listening on. I mean, if your firewall default gateway is, the HSRP group active router listens, so you can specify which of these routers will be active by configuring standby (group) priority (priority).

On the other hand router interfaces have to be connected via switched infrastructure to the firewall cluster, or firewall cluster interfaces which connected to the routers have to be bridged interfaces, becasue routers must listen multicast packets on the interfaces which will form a HSRP group.

Hope this helps


New Member

Second LAN card on Models 1841 an 1941

Hi Ali

Thanks for the response

i understand the routers have to be connected via switched infraestructure when each FireWall has only one  WAN port,

which  is common,  but in case the FireWall has many WAN ports e.g. Link Balancing + FireWall enable

For  Example as the picture below, a Barracuda Link Balancer with five WAN for balancing (think the maximun is six)

Each one has Two Wan, each for one Router (1941, and 1841) , and the rest three Wan for Three Adsl Backup,

(in the picture Adsl2, Adsl3, Adsl4)

Could work this escenario

Thanks again

CreatePlease to create content