Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
382
Views
0
Helpful
1
Replies

Ability to ping redundant interface IP address

ben.robinson
Level 1
Level 1

‎06-08-2005 07:21 PM

Hi,

I have this setup for our content switches.

Primary F/W --> Primary CSS --> Local Switches

| |

| |

Secondary F/W --> Secondary CSS --> Local Switches

This is the relevant configuration.

Primary CSS

circuit VLAN4

ip address 192.168.76.4 255.255.255.0

ip virtual-router 4 priority 101 preempt

ip redundant-interface 4 192.168.76.254

Secondary CSS

circuit VLAN4

ip address 192.168.76.5 255.255.255.0

ip virtual-router 4 priority 90

ip redundant-interface 4 192.168.76.254

The problem is that the Secondary F/W can not ping the redundant interface IP address via the secondary path when all devices are in normal mode.

Is this normal?

The ping is occuring for firewall failover checking.

Thanks,

Ben

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-08-2005 10:52 PM

it should work.

Your diagram does not display very well, so I don't know where are the | links.

What should be the path of traffic from secondary firewall redundant-interface ?

Is the traffic going to 1 CSS and being bridge to the 2nd CSS ?

If that's the case, you need the command 'ip uncond-bridging' on both CSS to force CSS to bridge first and then route.

Regards,

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card