cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
420
Views
0
Helpful
2
Replies

PIX 515E Failover

thebigc
Level 1
Level 1

Hi.

Having just read a doc regarding how failover is implemented on PIX 515Es - I noticed something that I'm hoping somebody out there will have a good answer for:

"It is recommended that you connect the Primary and Secondary PIXes with a dedicated switch. Do not use crossover cables."

This is talking about the LAN failover link and the Stateful failover link. What I want to know is why it is not recommended and what the issue is with using crossover cables? Surely putting in another switch to connect the units introduces a point of failure that isn't required?

FYI the doc I'm refering to is http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea7.shtml#before

Thanks,

Colin

2 Replies 2

jlebaron
Level 1
Level 1

Sure, that switch could be another point of failure.

But think about this, the failover will occur when the lan failover interface loses carrier. If you are using a crossover cable, and one of your pix's goes to toast, what happens with the other pix's ethernet interface? If you are using a crossover cable, it will see the interface down as well.

Big problem...the stateful lan failover link needs to have a connection up..hence, the reason for the switch.

Maybe not the best explanation..but you get the idea ?

Makes perfect sense, thanks.

Colin

Review Cisco Networking for a $25 gift card