2 int on firewall if primary int fails , 2nd int will take over

crazyitguy · Nov 29, 2006

This question is for PIX and/or ASA firewalls:

I am planning to implement a network like the one below. It has an Active/Standby firewall config and BGP enabled edge routers. Firewall1 is the active firewall with the default gateway set to Router1. If Router1 fails, how can I tell Firewall1 to use the other interface/router as the default gateway. The other interface is in another subnet connected to Router 2.

See what I am getting at? Is there another way to implement this?

Thanks

Supergrrover · Nov 29, 2006

Check this link out.
It is for static route backup.

http://www.cisco.com/en/US/products...s_configuration_example09186a00806e880b.shtml

Brent
Systems Engineer / Consultant
CCNP, CCSP

crazyitguy · Nov 30, 2006

It seems that it is only available with Adaptive Security Device Manager which is only available on select ASA/PIX devices. Will it work on a 5200 ASA series??

Any other way?

Supergrrover · Nov 30, 2006

Do you mean a 5520 - then yes. That model supports failover and this feature. You can config it from the cli but the ASDM is included in all devices with 7x code.

Brent
Systems Engineer / Consultant
CCNP, CCSP

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

2 int on firewall if primary int fails , 2nd int will take over

crazyitguy

IS-IT--Management

Supergrrover

IS-IT--Management

crazyitguy

IS-IT--Management

Supergrrover

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor