Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1297
Views
0
Helpful
2
Replies

PIX failover question

pambosch
Level 1
Level 1

‎05-14-2002 09:46 AM - edited ‎02-20-2020 10:03 PM

I have two PIX 515 to be connected in a failover configuration. I want to configure "stateful" failover which requires a dedicated fastethernet interface on each PIX. Do I still need to connect the special serial failover cable between the two PIX or just the failover ethernet connection between the two would be enough ? I want to locate the two PIX in two different rooms (for disaster recovery reasons), and obviously the length of the serial failover cable will not be enough. What do you suggest in such a situation?

Appreciate any help.

Thank you

0 Helpful
2 Replies 2

mkumar
Level 1
Level 1

‎05-14-2002 01:16 PM

This is available as a new feature in PIX 6.2, and below I have quoted it from 6.2 release manual -

------------------------------------------------------------

LAN-based Failover extends PIX Firewall failover functionality to operate through a dedicated LAN interface, without the serial failover cable. This overcomes the distance limitation of the current serial cable. Failover configuration synchronization can now occur through the serial cable or a LAN interface. However, the PIX Firewall failover pair must be on the same subnet, and the PIX Failover model remains a hot-standby model, with one unit active and the other standby.

For LAN-based Failover, use a dedicated switch or hub (or VLAN) to connect the PIX Firewall failover pair so that the secondary unit can detect the failure of the dedicated LAN failover interface of the primary unit and become active. Crossover Ethernet cables cannot be used to connect the LAN-based Failover interface. Additionally, we recommend that you dedicate a LAN interface for LAN-based Failover, but the interface can be shared with Stateful Failover under lightly loaded configurations.

---------------------------------------------------------------------------

0 Helpful

pambosch
Level 1
Level 1
In response to mkumar

‎05-14-2002 09:57 PM

thank you very much for the tip.

appreciate it

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card