https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752523#M496196 <P>Hi All,</P><P></P><P>Have anyone deploy HA on IOS firewall with Fastethernet interface configured into multiple sub-interfaces and tag with different vlan-Id and is assign as inside interfaces. Serial interface is outside interface. Would like to know whether HA can be apply in such design and whether it works ?</P><P></P><P></P> Mon, 11 Mar 2019 21:35:37 GMT jason.kwang 2019-03-11T21:35:37Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752523#M496196 <P>Hi All,</P><P></P><P>Have anyone deploy HA on IOS firewall with Fastethernet interface configured into multiple sub-interfaces and tag with different vlan-Id and is assign as inside interfaces. Serial interface is outside interface. Would like to know whether HA can be apply in such design and whether it works ?</P><P></P><P></P> Mon, 11 Mar 2019 21:35:37 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752523#M496196 jason.kwang 2019-03-11T21:35:37Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752524#M496197 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>What you mean by HA? afaik HA is done through FHRPs like HSRP,VRRP or GLBP and they all demand at least 2 routers.I think it should work as long as active/standy can communicate they state which they will as by default traffic from/to self is permitted.</P><P>Can you tell if this is what you want to do ? if so I'll lab it up quickly and confirm or not what I said above.</P><P></P><P>Regards.</P><P></P><P>Alain.</P></BODY></HTML> Mon, 10 Oct 2011 08:59:55 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752524#M496197 cadet alain 2011-10-10T08:59:55Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752525#M496198 <HTML><HEAD></HEAD><BODY><P>Hi, you are partlly right abt my question. Yes I mean 2 routers running hsrp. But also following command on the 2 router</P><P></P><P>Redundancy inter-device</P><P> Scheme standby </P><P></P><P>This is relatively new commands. I have no routers to test out !</P><P></P><P></P><P> </P><P> </P><P></P></BODY></HTML> Mon, 10 Oct 2011 09:33:10 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752525#M496198 jason.kwang 2011-10-10T09:33:10Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752526#M496199 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>ok gonna lab it up and tell you what.</P><P></P><P>Alain.</P></BODY></HTML> Mon, 10 Oct 2011 09:44:36 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752526#M496199 cadet alain 2011-10-10T09:44:36Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752527#M496200 <HTML><HEAD></HEAD><BODY><P> Did you manage to lab the router as firewalls in HA?</P><P></P><P>I'm just about to purchase 2x 2901 to run as firewalls to protect my network.</P><P></P><P>But would like to configure them in active/stanby?</P></BODY></HTML> Wed, 23 Nov 2011 11:26:49 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752527#M496200 martinbuffleo 2011-11-23T11:26:49Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752528#M496201 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>Sorry but I couldn't test because I didn't know about these 2 commands:</P><P>Redundancy inter-device</P><P> Scheme standby </P><P></P><P>And I must admit as there was no new post from you it gout out of my head.</P><P>Do you really need these 2 commands? otherwise post your topology and requirements and i'll do it tomorrow or on friday.</P><P>I don't have any 2901 or ISR G2 to test but only GNS3 and I'll have to use the SNAT feature which may be unavailable on the newer platforms as it is phased out by Cisco and they recommend using active/standby or active/active ASA pair for replacement of this technology.</P><P></P><P></P><P>Regards.</P><P></P><P>Alain</P></BODY></HTML> Wed, 23 Nov 2011 12:58:22 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752528#M496201 cadet alain 2011-11-23T12:58:22Z https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752529#M496202 <HTML><HEAD></HEAD><BODY><P> It wasn't my thread I'm just jumping on the back of it</P></BODY></HTML> Wed, 23 Nov 2011 13:04:24 GMT https://community.cisco.com/t5/network-security/ios-cbfw-firewall-ha/m-p/1752529#M496202 martinbuffleo 2011-11-23T13:04:24Z