Buy or Renew
Buy or Renew
Join the Catalyst Center Onboarding Ask Me Anything event happening now!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
1
Replies

How to Configure WAN Traffic with Active/Passive FW

mrshabbs
Level 1
Level 1

‎06-28-2024 01:20 AM

Hi All, I am looking for advice on how to configure / physically deploy an active/passive fw configuration when the ISP are providing a HSRP virtual IP for MPLS connectivity.
The same ISP provides 2 routers and a managed virtual HSRP IP. I was intending to connect the ISP routers, customer FWs (PA) and Stacked Core Switch as per the attached diagram.

The 4 connections  from the ISP routers (2 per router) through the FWs are Layer 2 virtual wires. 

The ISP will provide a virtual HSRP IP that for their routers. My question is how to configure the core switch so that the traffic routes correctly to the active fw as the FW connectivity is a virtual wire, layer 2 only. If I add the ISP HSRP IP as an SVI on the core and add the 2 interfaces towards the FW's in the same vlan, how will traffic know through which interface to flow (towards which FW)?

Thanks All

Preview file
26 KB
0 Helpful
1 Reply 1

MHM Cisco World
VIP
VIP

‎06-28-2024 03:42 AM

this how must your topolgy be 
two ASA HA need L2 SW 

ASA HSRP issue.png

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card