I have been tasked with deploying 2 routers with HSRP and 2 ASAs in Active/Standby failover. Please see the attached layout document.
The routers will each have a 4 port HWIC switch.
The ASAs will have an Outside interface that connects to one of the FE switchports on the routers.
The routers will have a VLAN on the same network subnet as the outside interface of the ASA.
The routers will connect to each other on 2 FE trunk ports. R1 FE1 to R2 FE1 and R1 FE2 to R2 FE2. The purpose of these two connections is for VLAN cross connect and HSRP hello packet exchange.
The routers will have HSRP standby IPs configured on the WAN G0 interface and on the VLAN6 LAN interface.
My question concerns traffic flow in the event the primary G0 port/link on the Active R1 were to fail.
G0 R1 Failure – HSRP on the WAN interface will make R2 G0 active.
Object tracking on the R1 VLAN interface will force the VLAN interface active on R2. R2 is now the Active router.
However, ASA1 is still the Active ASA.
Will traffic route properly from R2 to R1 through the HWIC switch?
R2 G0 to VLAN R2 FE2 to VLAN R1 FE2 to R1 FE3 to ASA1 G0
Or, must ASA2 be the Active ASA?
In addition, both routers are directly connected with 2 trunk links. The purpose of these connections was to ensure HSRP hello packet exchange in the event one link were to fail. Is this a feasible approach to ensuring HSRP exchange?
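As an added illustration (not part of the original post or its attached layout), this is what the HSRP-with-object-tracking arrangement described above looks like in Cisco IOS syntax on R1. The interface roles (G0 for WAN, VLAN6 for LAN) follow the post; the IP addresses, HSRP group numbers, track object number, priorities and decrement value are assumptions chosen for the example. The point it shows is that the LAN-side group only fails over to R2 if the decrement drops R1 below R2's priority and R2 has preempt configured.

```cisco
! Track object 10 follows the line-protocol state of the WAN interface.
! (object number and interface name are assumptions for this example)
track 10 interface GigabitEthernet0/0 line-protocol
!
! WAN side: HSRP group 1. R1 is preferred (110 > R2's default 100).
interface GigabitEthernet0/0
 description WAN uplink (assumed addressing: 203.0.113.0/29)
 ip address 203.0.113.2 255.255.255.248
 standby 1 ip 203.0.113.1
 standby 1 priority 110
 standby 1 preempt
!
! LAN side: HSRP group 6 on VLAN6, the subnet shared with the ASA outside interface.
! If track 10 goes down, R1's priority drops by 20 (110 -> 90), which is below
! R2's priority of 100, so R2 becomes Active for VLAN6 as well.
interface Vlan6
 description LAN / ASA outside subnet (assumed addressing: 192.0.2.0/29)
 ip address 192.0.2.2 255.255.255.248
 standby 6 ip 192.0.2.1
 standby 6 priority 110
 standby 6 preempt
 standby 6 track 10 decrement 20
!
! On R2 the same groups are configured with the default priority (100) and
! "standby 1 preempt" / "standby 6 preempt"; without preempt on R2, R2 will not
! take over merely because R1's priority was decremented below its own.
```

Two checks worth making against this kind of configuration: confirm with `show track` that the object actually transitions when G0 is shut, and confirm with `show standby brief` that both groups move to R2 together, since a decrement smaller than the priority gap (or a missing preempt on R2) leaves the WAN and LAN groups active on different routers.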
I suggest you redesign this and add two switches. If not, I doubt you can get the redundancy you seek. Mainly, all 4 devices will be present on both switches, so if one switch fails, there will always be another. I recommend you run an EtherChannel between those two switches for complete redundancy.