Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
469
Views
0
Helpful
2
Replies

Dual Firewall configuration (w/o FO)?

steven.pw.lau
Level 1
Level 1

‎08-23-2005 01:33 AM - edited ‎03-09-2019 12:13 PM

Hi Guys,

Let's say if I do not intend to use FO (Failover), and I would like to implement 2 FW as below,

1. is it possible to do this kind of configuration?

2. would there be any conflict of NAT?

3. can anyone give me ideas on how to make this setup work?

4. do the switch need to do equal costs load sharing?

5. Both the FW will be used for remote access VPN. Is this possible?

| 202.1.1.1/30

Router

| 200.2.2.1/29

|

|

L2 Switch

/ \

/ \

200.2.2.2/29 / \ 200.2.2.3/29

FW1 FW2

10.1.1.1/24 \ / 10.1.1.2/24

\ /

\ / 10.1.1.3/24

L3 Switch

|

|

PC default gateway pointing to 10.1.1.3 (switch)

Thanks.

Labels:
0 Helpful
2 Replies 2

steven.pw.lau
Level 1
Level 1

‎08-23-2005 01:43 AM

sorry, the diagram isn't that clear.

FW1 and FW2 is located side by side.

0 Helpful

colin
Level 1
Level 1
In response to steven.pw.lau

‎08-23-2005 04:48 PM

Hi There,

There are a number of things to take into account when designing a network with this scenario.

1. How do you decide which firewall to use as a default? The only way to have the PIXes look like a single unit is to run FailOver.

2. Similar questions with regards to the return traffic.

3. If you have both active, and one fails, all current connections will time out when it moves to the redundant firewall.

You have to be careful with this sort of thing - most of your redundancy will be at layer 3 only.

Hope that helps,

-colin.

0 Helpful
Customers Also Viewed These Support Documents