Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

3640 router - can you set up 2 PIXes for x-tra redundancy? 2

Status
Not open for further replies.
gman10

gman10

Technical User
Jul 20, 2001
451
US
Hi all-

I'm trying to set up my 3640 to use 2 PIX boxes... Let me further explain..

This is for a facility in St.Croix, so incase theres an issue where one PIX fails... how can I tell the 3640 to immediately pick up the 2nd PIX? Here's the tricky part.. the 2nd PIX will generally be turned off unless theres a better way. If for some reason the primary PIX fails, an techie could just turn on the 2nd PIX and the 3640 should start routing good traffic to that.. Any suggestions on doing this??

Thanks so much for a great group w/ great information..

GT [morning]
 
Sort by date Sort by votes
It would be better to use the built in Failover option on the PIX. When using the PIX in failover, both boxes share their IP addresses. When the "Active" pix goes down, the "Standby" pix grab's it's IP address. This would keep the routes the same.

However, you could have two valid routes (you should keep the other box on) for you destination(behind the pix). One would be a lower cost route than the other so your 3640 wouldn't try to loadbalance.
 
Upvote 0 Downvote
What baddos says is absolutely right. Use the failover mode. That is what we do with all of our redundant equipment.
 
Upvote 0 Downvote
yeah they are right
make sure that you have at lease 515 models

it is different than hrsp on routers because with the firewalls you must have the same pix model and FOS for this to work properly (although it may be possible for mixing but you will not get any help from TAC if something really breaks and you can't fix it, bugs, etc).

you need at least 515's because the 501's and 506's don't come with a failover port

i would also look into the stateful failover option
 
Upvote 0 Downvote
Thanks alot guys, hey I understand "stateful" when it comes to Windows 2K concepts but for routers? what is stateful failover exactly in router terms..

gt
 
Upvote 0 Downvote
Stateful means it will maintain state. The PIX w/ 6.2 have a statefail failover option when you connect the boxes with dedicated ethernet interfaces that transfers the translations and connection in the event of a failure on the active node.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Blackybear
  • Question
Cisco RV042G router
Replies
0
Views
291
Blackybear
Blackybear
jarod_paris
  • Locked
  • Question
firmware for an AP2800 WiFi terminal
Replies
0
Views
585
jarod_paris
jarod_paris
CPM86
  • Locked
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
526
CPM86
CPM86
B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
376
badwolf1686
B
woza
  • Locked
  • Question
GNS3: Delete the lines "transport preferred none"
Replies
1
Views
720
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top