Nexus 7K and NGFW 2130 Active/Active Firewall configuration
I currently have two 2130 firewalls deployed in an active/standby deployment. I was thinking of some different ways that I could use both of them in an active/active way with some type of automatic failover. I was hoping to find a solution instead of just making it up as I go along.
The firewalls are connected to separate pairs of Nexus 7Ks in two different Data Centers connected by OTV.
My throw together idea is to have the inside IP addresses be different with equal cost static routes, use different NAT IP addresses for the outside and then work on figuring out ways to ensure a complete automatic failover process. For the inside, if one device were to go down, we would automatically start routing to the other firewall due to the static routes. Even though I definitely believe I can get this working, it would be easier to sell to the business if I had a solution.
A couple of constraints are that I am not going to purchase different firewalls, I would like to run NGFW code in the near future (current ASA), and the firewalls will remain connected to the Nexus 7Ks.
I was looking at Nexus Internet Traffic Director, but it seems I would have to put both Firewalls in the same DC. Any way around that?
If there are any available solutions, please let me know.
I've got a one problem. Me and my friend have the same ISP. I checked my External IP address at WhatIsMyIp.com and my friend do it to. And we saw we have the same External IP.So my question is can 2 routers have the same External IP address?If i'm right 2...
LISP Protocol (Location Identifier Separation Protocol)! - The LISP protocol has become a brilliant stardom with the digital transformation that we are now experiencing. - Today we will talk about the LISP protocol and its advantages and method of p...
SD-Access provides automated end-to-end services (such as segmentation, quality of service, and analytics) for user, device, and application traffic. SD-Access automates user policy so organizations can ensure the appropriate access control and applicati...
Purpose: This document shows you how to create a group-based security policy in Cisco DNA Center.
Security policies determine the types of network traffic permitted or denied between scalable groups. Scalable groups are a critical compo...
Are you an experienced network professional?
If yes, we'd like to understand how we can better organize network management activities in a way that makes sense to you. Your response will help Cisco improve a product feature that could benefit you.&nb...