Thank you for your prompt reply.....

Boss i didnot configure any monitor-interface.

When i configure one box in redundant mode and set to gateway in virtual ip in user and server pc didn't work in virtual ip. When i applied physical ip in the gateway and FWSM routing should be in physical IP.

Boss My question is that can i configure one 6509 with standby IP (Virtual IP) and every User and Server PC gateway have to use virtual ip?

Thanks

Md. Sariful Islam ( Palash)

Can you explain what did not work? FWSM failover or HSRP?

From your last post, it looks like your HSRP did not work. But in your first post, my understanding is that you were asking about FWSM failover feature.

Configuring HSRP on vlan interface in switch side should work. Could you please explain what was exactly broken?

If it is FWSM failover, can you capture "show failover" on both FWSM when they are in borken status?

If it is HSRP, can you capture "show standby" when it is in broken status?

FWSM failover is not working.

If it is just FWSM failover issue, you can enable "debug fover fail" and "debug fover fmsg" and then reproduce the issue to see why the failover does not happen. You can also use "show failover history" to check the reason of the failover.

As I mentioned before, you can add "monitor-interface" in the configuration  as well to see if it make a difference.

Please follow the attach file where you can find the configuration file. Now we are facing the following problem:

1. Servers are assign in VLAN 4 and IP address range: 172.16.4.0/24 and assign port no Gigabit 4/36

2. Users are assign in VLAN 10 and IP address range: 172.19.128.0/24 and assign port no Gigabit 4/5 (trunk port & coonect to other switch)

3. Now user can communicate each other but cannot access the server zone. Also user HSRP is working. In this case user virtual IP is 172.19.128.1.

4. Here the servers are located in Firewall zone (FWSM Card). From server we cannot access the user and also server cannot access each other.

5. Switch and FWSM card are working through VLAN 99. In switch side IP address is 172.19.192.20 and in Firewall side IP address is 172.19.192.23. Here we configure a static route between the switch and firewall.

6. For your kind information, from FWSM we can communicate both server and user.

Thanks and looking for your support

Sariful

On your switch, the route should point to the active IP of Vlan 99 on FWSM,

ip route 172.16.3.0 255.255.255.0 172.19.192.25  <<<
ip route 172.16.4.0 255.255.255.0 172.19.192.25  <<<

On FWSM, the traffic from client to server will go through outside --> ESS, since it is from low security side to high security side and NAT control is enabled, you must have related static NAT or disable nat-control by "no nat-control".