We are trying to implement both HSRP between our Edge Routers, as well as implementing HA on our Firewalls. Currently, they are all completely separate devices logically and physically. Traffic destined for External is directed through Router01 through various SLA automated commands on all of the devices. 01 and 02 devices are in different buildings, with fiber connections between them.
Topology: EXTERNAL -> Router01 -> Firewall01 -> Core Switch01 -> Core Switch02 -> Firewall02 -> Router02 -> EXTERNAL
Traffic between the Core switches is L2.
Traffic between Core switches and firewalls is L2.
Traffic between Firewalls and Routers is L3.
We are attempting to implement HSRP on the routers, and HA on the firewalls, but are having trouble with any configuration that would allow the HSRP traffic to traverse the firewalls in HA mode.
The proposal being thrown out is having a new VLAN between the Routers and Core Switches, so the Topology would be:
Router01 -> Core Switch01 -> Core Switch02 -> Router02
Obviously not ideal, since that is simply having a connection that would bypass the firewalls, so we are looking for alternatives.