Re: PIX LAN Based Failover and Crossover cables

iftikhar.qurashi · ‎02-05-2005

Hi,

It is recommended on following URL that crossover cable should not be used for PIX LAN based failovers. Does anybody know what is the rationale behind this recommendation and why a switched connection is recommended between Pri and Stby PIX firewalls for Failover interfaces

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea7.shtml

Thanks

Iftikhar

thisisshanky · ‎02-05-2005

Iftikhar,

Good question, I cant seem to find a reference to anything other than "Do not use a Xover cable to do LAN based failover".

I would say this is only a recommendation or best practice. It should definitely work with a cross over cable. The idea behind the introduction of LAN based failover is due the distance limitation of the failover serial cable. If the units are atleast 100 m apart (say) then you cannot use the serial cable. So LAN based failover was introduced. Now I wouldnt recommend to use a cross over cable that long to connect between the two devices. Connecting through a hub or a switch helps in better reproduction of voltage levels on the line compared to connecting a cross over cable. This will probably help in better detection of link failures.

So my conclusion is that cross over cable should work with LAN based failover, just that its a best practice to use a switch or hub.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

griffijo · ‎02-05-2005

Hi, I have been using a crossover's for the past several years on the 525 without any problem.