Solved: CE Standby Config and Firewalls

jfoerster · ‎08-11-2003

Hi,

I've a problem getting a CE 7305 with standby config to work. The problem seems to be related to firewall where the ip default-gateway is pointing to. If I point the ip default-gateway (DG)to another router in this segment the standy works properly. If I do a ping on the FW I see an arp-entry in the CE but I don't get a response.

Pointing back the DG to the firewall the standby works for some seconds but afterwards no link is active. What do I have to permit on the FW to have the FW as default GW? Is a permit ICMP standby ip of the CE to the default GWs IP-Adresse enough or should this work without any permission on the FW-side. Btw the FW is a Cat6k with the Firewall blade.

Kind Regards,

Joerg

didyap · ‎08-14-2003

Make sure the inside IP addresses are permitted on the firewall. I don't think you need to have a special configuration on the firewall for it to work as a default gateway. You could check for bugs in the Bugtool kit to rule out any known issue.

View solution in original post

didyap · ‎08-14-2003

Make sure the inside IP addresses are permitted on the firewall. I don't think you need to have a special configuration on the firewall for it to work as a default gateway. You could check for bugs in the Bugtool kit to rule out any known issue.

jfoerster · ‎08-14-2003

HI,

you are right the most important thing is that this IP-Adress is pingable. I talked to FW guys and did a sniffertrace with them and we saw icmp echo and echo-replys in the trace.

Thanks...

Cheers

Joerg