Hi, I am trying to build a redundant internet design with multiple ISPs, multiple firewalls, DMZs, etc. I want to make sure there is complete redundancy even if one or more hardware components fail in the path.
Here is the path: Edge routers (BGP) - Edge switches (2) - Edge firewalls (2) - DMZ switches (2) - Core firewalls (2). I am planning to keep the firewalls in active/standby failover mode. Switches are in Layer 2 mode. My question is: how do the firewalls behave if there is a problem with the switches? Do I need to connect each firewall to both switches? Are there any best practices? How does the ASA detect the switch failure and send traffic through the second switch?

Thanks,
Saj
