Yes but what about the 2nd connections on each router or can you not do that?

Layer 3 link between the two router meaning connect them together?

Yes but what about the 2nd connections on each router or can you not do that?

Now that I think about it you don't need a second connection (no cross-connects)

Layer 3 link between the two router meaning connect them together?

Yes, connect them together and use /30 subnet for peering.

HTH

Yes please take a look at diagram I updated it because it was missing port numbers and connections.

Yes I would configure HSRP interfaces on each Internal Router (g1) but what about the other connections (g2) that goes to the other switch (each switch connects to each router)?

Also, how would I configure ports g3 on the Internal routers is g1 and g0 are just access vlan 123 ports on the Edge/interconnecting switch?

Can you make the diagram bigger as it is very hard to see the ports and descriptions?

Yes I will have to wait until I get to my PC at home.

Basically my big question is, how do I configure ports on a router/fw that connect to 2x redundant switches? (e.g. If let's say g1 on router has 10.1.1.1 going to switch1, how do I configure g2 on the router that goes to switch 2? Likewise on FW. In the diagram I am showing a layer 2 switch that is used in between routers and FW. I know I should put ports in FW and routers into just a common VLAN let's say mgmt. 10, but how do I configure the corresponding ports on the routers and the FW?

Awsome this is helpful!

Now, I configure HSRP on the router interface that connects to the interconnecting switch (between the routers and fw) or on the ports on the router that connect to the access switches.

e.g.,

interfaces on routers that connect to switch  have 10.10.1.1, 2.1, 3.1, etc.

intefaces on rotuers that connect to interconnecting switch will have the management ip 10.10.10.1 (HSRP - virtual ip is .1, router1 is .2, router2, is .2) which will also be configured on each device to access via management ip? If that is the case, I would use the port on the interconnecting switch that connects to the router as the standby track interface?

Now, I configure HSRP on the router interface that connects to the interconnecting switch (between the routers and fw) or on the ports on the router that connect to the access switches.

On both sides.  On the left side on the routers, you need HSRP for the server vlans (10.10.1.1, 2.1, 3.1, etc) and on the right side, you need HSRP for connectivity to the interconnecting switch and the fw.

The subnet/vlan you use on the right side is not for management, it is rather a transit vlan that is needed to connect the left side (server vlans) to the right side and finally Internet.  You can also use the same IPs to manage the devices or create a whole new subnet/vlan for management.

HTH

As long as the interfaces on the routers are configured with dot1.q (sub-interfaces) and the link to the switch is trunked and the link from the switch to the fw is trunked as well, you can add multiple vlans/subnet to it.  It is just like any other trunk port. You can then use vlan 123 for transit, vlan 10 for management, vlan 30, 40 and 50 for something else and so on...

HTH

Oh ok so on the interconnecting switch, ports going to the router and ports going to the fw are just trunks and not switchport access vlan 123 correct?

That is correct.  You want to trunk them, to begin with.  This way you can use more vlans/subnets as you wish and there is no downtime.

HTH

Ok bro I think I got it see new attached diagram showing connections and basic configs (I am kinda short-handing it and left out ACLs on FW, etc but showing HSRP, gateways, ips, etc.)

For Standby 2 on the router g3 interfaces, I am not sure what interface to track.

               Also, I would like to still just use vlan 10 as the management subnet but I am already using                     vlan 10 on the g1.10 interface so is that even possible?

As for gateways, I should be pointing to the FW as the GW on the  Internal routers and not the EdgeSw given that switch is just so I can connect both routers and the only IP  on it is SVI 10 for management access correct?

As for static routes, I just need to enter them at the EdgeRt (to reach internal 10.1.X.X subnets) and use a /16 correct???

             How do I make a vlan 10 IP accessible at the Edge Rt if that is possible?

              Would I just do my NAT at the FW? I need to translate my private 10.1.0.0 255.255.0.0 (/16                    to translate everything in 10.1.X.X correct?) to the G1 ip 50.50.50.2 IP on the Edge Rt?

Ok so I have the Edge sw(interconnecting switch) in place between the internal Router and FW but I can't ping the SVI of the EdgeSw nor ping the Interface router IP on the Router or any ip on the router.

See configs below. Just as in diagram. I have attached it again.

int G3.11

Desc mgmt

Encap dot1q

ip 10.10.11.2 255.255.255.0

Standby 2 ip 10.10.11.1 255.255.255.0

Standby preempt (R1 only)

Edge Sw (Interconnecting sw)

g1 (g2 of Sw2 Same)

switchport mode trunk

All other configs just as in diagram.

I can't ping between these interfaces or any other IP.

See anything wrong?