Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
529
Views
0
Helpful
2
Replies

how to fulfill the failover architecture with two pix and four switches?

haijason
Level 1
Level 1

‎11-12-2006 08:08 AM - edited ‎02-21-2020 01:18 AM

Hi,I have the following network architecture:

Core switch(A)6509==Core switch(B)6509

| |

PIX535(A)----------PIX535(B)

| |

Switch(A)3560==Switch(B)3560

| |

Border Router(A) Border Router(B)

| |

Extranet Network

Pls help me and give me any good advice for the architecture for fulfiling the full failover.

Thanks

0 Helpful
2 Replies 2

beth-martin
Level 5
Level 5

‎11-17-2006 09:12 AM

PIX Firewall failover allows you to configure two PIX Firewall units in a fully redundant topology.

For configuring failover

http://www.cisco.com/en/US/partner/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080602f98.htm

0 Helpful

dbeattie
Level 1
Level 1

‎12-01-2006 03:20 AM

I have put in a number of architectures based on a pair of PIX and a pair of 2960s. using the WS-C2960-24TT-L, link the two GE ports as channelled trunks. Create as many VLANs as you need, ensuring that each VLAN appears on both switches. Connect your core switches, one to each 2960 and your inside interfaces, again, one to each. Connect other interfaces in a similar fashion. This allows for the complete failure of any one device.

If you need to physically separate the devices, use the WS-C2960-24TC-L switches, and fibre SFPs, don't channel the uplinks, but use RSTP over two separate links, with the heartbeat and sync connections biased onto one link and the data connections biased onto the other.

Hope this helps.

Dave

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card