Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
634
Views
0
Helpful
2
Replies

redundant firewall design

yong khang NG
Level 5
Level 5

‎05-04-2011 09:31 PM - edited ‎03-11-2019 01:29 PM

Hi Forumer's

Just seeking idea on how to design on redundant firewall design

1. branch firewall got dual uplink, which normal time is using primary line connect to HQ. If connection to HQ fail, then will swap to secondary link for ensure connection resume.

2, failover between HQ and DRC, anything need to mention for this part?

3. what's the best way to design this topology?

Hopefully with your idea can spakle me to drill deeper, thanks

Noel

Labels:
Preview file
18 KB
0 Helpful
2 Replies 2

Maykol Rojas
Cisco Employee
Cisco Employee

‎05-05-2011 11:43 AM

Hi,

SLA monitoring will help you out on this one. If the primary route fails, VPN will try to establish on the secondary Link. If it is a site to site tunnel you can add a secondary peer so it can establish the VPN tunnel.

Here is the configuration for SLA monitor.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

Hope this helps.

Mike

Mike
0 Helpful

yong khang NG
Level 5
Level 5
In response to Maykol Rojas

‎05-05-2011 11:58 PM

Hi, thanks for the reply.

Just wondering can ASA support on MPLS? because the WAN strucuture is running on MPLS.

thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card