Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
247
Views
0
Helpful
2
Replies

Configuring traffic flow between different redundancy group if they belong to different zones?

a.das
Level 1
Level 1

‎05-17-2016 06:11 AM - edited ‎03-12-2019 12:45 AM

Hi everyone,

We have configured Firewall Stateful Interchassis Redundancy in 2 ASR 1004 working as active-active device scenario.

In Zone base policy firewall with redundancy group configuration, is it possible to configure traffic flow between different redundancy group if they belong to different zones?

IOS Version:

Cisco IOS XE Software, Version 03.10.03.S - Extended Support Release
Cisco IOS Software, ASR1000 Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.3(3)S3, RELEASE SOFTWARE (fc1)

Regards,

Alok Das

Labels:
0 Helpful
2 Replies 2

Philip D'Ath
VIP Alumni
VIP Alumni

‎05-17-2016 01:04 PM

I don't know the answer.

If the IOS-XE implementation of active-active results in both devices knowing all flows, then I would say yes.

If the implementation only knows about the flows it is active for, and not the flows on the other active node, then I would say the answer is no.

0 Helpful

a.das
Level 1
Level 1
In response to Philip D'Ath

‎05-18-2016 04:00 AM

Actually in our present setup we have 10 proxy servers in proxy zone and 4 DNS servers in DNS zone. in the redundancy group 1 we have 5 proxy servers and 2 dns servers and in the redundancy group 2 we also have 5 proxy servers and 2 dns servers. now communication between different zone and same rg and  between different rg and same zone is happening. but the communication between different zone and different rg is not happening...

any suggestion what to do? 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card