cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
465
Views
5
Helpful
4
Replies

HSRP Information Synchronization

haithamnofal
Level 3
Level 3

Hi,

My understanding is that 2 routers configured for HSRP need a L2 connectivity to synchorinize their HSRP group information, so in case I am connecting the 2 routers to 2 failover firewalls directly (i.e. router A is connected to FW1 and router B is connected to FW2 and I have HSRP between Routers A and B) and there is no L2 SW in the middle, how will I be able to pass the HSRP information between the 2 routers? Can a direct link between the 2 routers pass the HSRP information?

Regards,

Haitham

4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

Haitham

I am not clear whether you are talking about running HSRP between the routers on their LAN side connections (it may make good sense there) or on the router connection to the Firewall. If the router LAN connection is through a layer 2 switch it should work fine and has benefit of supplying redundant default gateway to the client PCs on the LAN. I am not clear why you would want to run HSRP on the connection to the firewalls, and since the firewalls would not pass the HSRP hello traffic, HSRP would not work there.

Perhaps you can explain your environment and what you are trying to accomplish with HSRP and then maybe we can give you better answers.

HTH

Rick

HTH

Rick

Ahmede
Level 1
Level 1

Small switch in between the two routers and the two firewall will do the trick..

Hi,

Thanks for the replies, actually the setup is as follows:

Router A ----- FW 1----Core Switch

Router B ----- FW 2----Core Switch

If I to configure HSRP between router A and B to have my firewall cluster pointing to 1 default gateway address, the question is there a way to have this setup be achieved without a L2 SW between the routers and the firewalls (i.e. using for example a direct connection between the 2 routers for passing the HSRP traffic because I currently dont have a switch to use between the routers and firewalls)?

Thanks,

Haitham

Haitham,

You would need a switch in your scenario between your firewalls and the routers.

For HSRP to work, it is necessary that they exchange hellos for which they require connectivty at Layer2

HTH, rate if it does

Narayan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: