What I want to do is (note: this is a test network to validate firewall
redundancy and not ISP redundancy)
1. Router makes the DSL connection to the ISP
2. The Firewalls are an Active/Active pair and are asssigned the
external IP
address which are static
The question is this, do i just configure the router interface that is facing
the ISP as the pppoe cleint and ensure that all interfaces on the router
connecting to the ISP, FW1 and FW2 are in the same VLAN and then assign the
static IPs on the FW Active/Active Cluster. (These are not Cisco firewalls)
Hope the format stays
_____
ISP
___
|
|
_____________
Router
_____________
| |
| |
_____ _____
FW1 FW2
_____ _____
###########
Router Config
###########
interface FastEthernet0
description ISP-DSL
switchport access vlan 999
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet1
description FW1
switchport mode access
switchport access vlan 999
!
interface FastEthernet2
description FW2
switchport access vlan 999
!
interface Dialer1
mtu 1492
no ip address
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap
ppp chap hostname XXXXXXXXXXXXX
ppp chap password 7 XXXXXXXXXXXXX
Jason Maynard
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
