cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
342
Views
0
Helpful
2
Replies

PIX Failover with DMZ

rephil
Level 1
Level 1

I have heard from a colleague of mine that there may be some issues with a failover setup and using a DMZ. Can anyone give me a configuration example or other wise direct me?

Thanks,

Philip-

2 Replies 2

nkhawaja
Cisco Employee
Cisco Employee

Hi,

We have not heard of any such thing. If you are using statefull failover, then use a separate interface other then DMZ for failover updates.

Here is the link for failover.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/advanced.htm#10796

Config for DMZ are similiar to configuring inside/outside

Thanks

Nadeem

Also, make sure both firewalls in the failover pair have a DMZ interface. Then make sure both DMZ interfaces can connect on the same LAN. The firewalls must poll and answer each other on EVERY interface that is in use, or failover can be triggered.

DaveH

Review Cisco Networking for a $25 gift card