OK I figured this one out with some help :) I just need to get the 4 Port DMZ card and designate two of the interfaces as IN using security levels. The failover has a DMZ card too, so I can failover all 4 interfaces in an emergency. Plus 1 Port for the failover.
Thanks to the people helping me offline, these scenarios are getting really complex. My next task is figuring how to take two T1s and make them act as a single unit while providing redundancy. Thanks :) -----Original Message----- From: Brian Zeitz Sent: Friday, December 13, 2002 2:02 PM To: [EMAIL PROTECTED] Subject: RE: Load Balancing Firewalls [7:59183] Actually, management change the diagram on me :( T1--->3640--->515UR with failover T1--->3640--->^ Both T1s going into a single 515UR with a standby unit. I figured out the first scenario, I just thought of it as it as being in different locations and use global load balancing on the LBs. This second scenario I don't know if it is possible, I would have 2 IPs coming from the e0/0 on the router, into only 1 Pix interface which I don't know if it is possible.... -----Original Message----- From: Brian Zeitz Sent: Friday, December 13, 2002 12:03 PM To: [EMAIL PROTECTED] Subject: Load Balancing Firewalls [7:59183] I have just been given the task of setting up a website with load balancing. T1 ---> 3640-------->Pix 515 UR+4E------>Load balancer T1 ---> 3640------->Pix 515 UR+4E-------->Load balancer The Pix 515 are separate full units, I got another on because I know you cannot use the failover as an active unit. My load balancers are not active/active. But if I use them separately, they can run independently. I need to run just one website like www.mydomain.com My managers would like both T1s to be used, but can also act as a failover. Can anyone give me any pointers or tell me of any pitfalls before I dive into this task? I thought about HSRP, would this work if I had redundant firewalls? Can you cluster pix firwalls? I don't think you can, I wish I could. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59297&t=59183 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]