06-15-2010 12:06 PM - edited 03-04-2019 08:47 AM
I am trying to build redundancy in our network, and have run across an issue. I have traffic coming into my network from multiple satellite offices, they are coming into 3 different firewalls (non-Cisco) and if one of the firewalls goes down I would like my Cisco 3750 to point the traffic going to the one that is down to one of my other firewalls. How would I do that dynamically?
06-15-2010 12:35 PM
Mike
You would run a dynamic routing protocol between your 3750 switch and the firewalls. If the firewalls are non-Cisco you could use OSPF between the firewalls and the 3750 switch.
You would need the IP services image, i.e. not the IP Base image, on the 3750 to run OSPF.
Jon
06-16-2010 07:33 AM
Thank you for the info Jon.
06-15-2010 04:23 PM
Another option you could explore if you want to avoid dynamic routing would be the use of "object tracking". With the use of either the "ip sla"/"rtr" (depends on IOS) and the "track" commands, your device can monitor and track the reachability state of a host on the internet, for example, and force down your primary default route (routes have to be created with different metrics), thereby forcing your secondary route into the route table and so on. You can also track the state of the interfaces, but this doesn't always help because the outage could be downstream and your switch interface would still be "up" to your firewall. Check out the resources for Cisco RTR, IP SLA, or object tracking online.
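A sketch of the object-tracking approach described in the post above, added here as an illustration and not taken from any poster's configuration. All addresses are constructed (documentation ranges): firewall A is 192.0.2.1, firewall B is 192.0.2.2, the satellite office prefix is 198.51.100.0/24, and 198.51.100.10 is assumed to be a probe-only host at that office that carries no production traffic.

```cisco
! Constructed example: fail traffic for one satellite office over from
! firewall A (192.0.2.1) to firewall B (192.0.2.2) when A's path dies.
!
! Pin the probe target to firewall A with an untracked host route.
! Without this, once the primary route is withdrawn the probe would
! succeed through firewall B, the track would come back up, and the
! routes would flap.
ip route 198.51.100.10 255.255.255.255 192.0.2.1
!
! Probe the far-end host every 5 seconds through firewall A.
! This tests the whole path, so a downstream outage is detected even
! though the switch port facing the firewall stays "up".
ip sla 10
 icmp-echo 198.51.100.10
 frequency 5
ip sla schedule 10 life forever start-time now
!
! Track object follows probe reachability. The delays damp flapping:
! wait 15 s of failure before going down, 30 s of success before up.
! (On older IOS releases the keyword is "rtr" instead of "ip sla".)
track 10 ip sla 10 reachability
 delay down 15 up 30
!
! Primary route is installed only while track 10 is up.
ip route 198.51.100.0 255.255.255.0 192.0.2.1 track 10
!
! Floating backup: higher administrative distance (250), so it enters
! the routing table only when the tracked primary is withdrawn.
ip route 198.51.100.0 255.255.255.0 192.0.2.2 250
```

`show track 10` and `show ip route 198.51.100.0` confirm which path is active; repeat the pattern with a separate probe and track object for each firewall that needs a backup.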
06-16-2010 07:34 AM
Thank you for the info djh278778.