Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
435
Views
0
Helpful
2
Replies

3560 HRSP part duex

afionda
Level 1
Level 1

‎07-12-2010 10:38 AM - edited ‎03-06-2019 11:59 AM

Guys,

I have an HSRP setup on two 3560 L2 switches (thanks to your guys help).

I am trying to figure out the best way to get the back to the firewall on the standby router.

My guess is to make a 2nd interface on my sonicwall firewall ( i know trying to migrate to ASA's) and just create secondary default route with a lower metric distance to that interface.

I guess in a whole, when my main router goes down i need internet access.

Here is my design

2960_A------------3560_A---------Sonicwall Firewall

|

|

|

|

|

3560_HA

THANKS IN ADVANCE

Labels:
0 Helpful
2 Replies 2

Dipesh Patel
Level 2
Level 2

‎07-12-2010 05:55 PM

Dear Adam,

1st of All HSRP is working on Layer 3.

And for the same you need to connect your firewall with both 3650 switches.

Firewall has default route through standby ip.

e.g.

configuratio is like

3560 -1

int vlan 100

ip add 10.10.10.2

standby 1 prio 120

standby 1 preempt

standby 1 ip 10.10.10.1

3560 - 2

int vlan 100

ip add 10.10.10.3

standby 1 ip 10.10.10.1

Firwall:

For inside there are defult route to 10.10.10.1

For outside primary default route to primary router secondary route to internet router with matric.

Hope tp help.

Rate if it will help you.

Regards

0 Helpful

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎07-12-2010 10:51 PM 

Guys,
I have an HSRP setup on two 3560 L2 switches (thanks to your guys help).
I am trying to figure out the best way to get the back to the firewall on the standby router.
My
guess is to make a 2nd interface on my sonicwall firewall ( i know
trying to migrate to ASA's) and just create secondary default route
with a lower metric distance to that interface.
I guess in a whole, when my main router goes down i need internet access.
Here is my design
2960_A------------3560_A---------Sonicwall Firewall
|
|
|
|
|
3560_HA
THANKS IN ADVANCE

Hi,

For stanby switch to forward traffic to sonic firewall in case of failure you need to have connection from from firewall to switch and if possible try to check with sonic vendor is there any clustering of port can be done in sonice firewall like two ports and on logical interface which will be default gateway for both switches and your thought is also good if the sonic can't have logical interface make another port with same segment ip address and assign the stanby switch default gateway to that ip of sonic firewall.

In this case if switch one goes down secondary comes to picture and traffic will be routed vis secondary port ip address.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card