Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1132
Views
0
Helpful
4
Replies

FWSM active-active config( Intra chassis)

Madhan Kumar
Level 1
Level 1

‎11-24-2010 03:32 AM - edited ‎03-11-2019 12:13 PM

Hi all,

Is anybody is having configuration for same chasis acctive-active configuration( intra cheass) ?. I am going to install the 2 fwsm in the same chasis with active-active configuratuion. In cisco site only the inter chasis configuration is available.If anybody is having the config kindly send me the same.

Thanks & Regards

R.MADHANKUMAR

Labels:
0 Helpful
4 Replies 4

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎11-28-2010 03:06 PM

Hi,

Intra-chassis failover and inter-chassis failover - there is no difference in configuring them on FWSM-side. The FWSM is not aware if the peer device is in same or another chassis.

The only difference on the chassis side is that you need to push same set of vlan-groups to both modules.

Active/active or active/standby configuration is differentitiated on FWSM.

Marcin

0 Helpful

Madhan Kumar
Level 1
Level 1
In response to Marcin Latosiewicz

‎11-28-2010 09:53 PM

Hi,

Thanks for your reply. In intra chasis we are using the same MSFC, I mean the same router for uplinks for both modules, Whereas in inter chasis we are using different MSFC.  My doubt is we really require a HSRP config on the SVIs created for outside vlans on intra-chasis failover?. 

Thanks & Regards

R.MADHANKUMAR

India.

0 Helpful

Madhan Kumar
Level 1
Level 1
In response to Marcin Latosiewicz

‎11-28-2010 10:01 PM

Dear Marcin,

Thanks for your reply.

In inter-chasis failover we using different MSFC,I mean different routers, whereas in intra-chasis failover we are using the same MSFC. My doubt is we really require a HSRP config on the switch for outside SVIs?.

Thanks & Regards

R.MADHANKUMAR

India.

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to Madhan Kumar

‎11-29-2010 01:00 AM

Purely from FWSM's point of view HSRP is not required on the chassis in either of the scenarios, there is not problem to run traffic to a single SVI.

However one might think of a problem when for some reason L3 intreface becomes unavible on chassis 1 and usally this should be taken up by chassis 2.

That being said, FWSM does not even require that L3 address is configured on the chassis, it can be configured on any other device, L2 adjacant of course.

The device was built to be agnostic of the operation of MSFC (except "firewall ..." configuration).

Marcin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card