On the 3600's, for ethernets connecting the PIX and the routers use HSRP. Give the Pix's the default gateway of the HSRP adress. Then use BGP on the serial interfaces of 3600's to peer with your provider.
""Brian Zeitz"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > OK I figured this one out with some help :) I just need to get the 4 > Port DMZ card and designate two of the interfaces as IN using security > levels. The failover has a DMZ card too, so I can failover all 4 > interfaces in an emergency. Plus 1 Port for the failover. > > Thanks to the people helping me offline, these scenarios are getting > really complex. My next task is figuring how to take two T1s and make > them act as a single unit while providing redundancy. > > Thanks :) > > -----Original Message----- > From: Brian Zeitz > Sent: Friday, December 13, 2002 2:02 PM > To: [EMAIL PROTECTED] > Subject: RE: Load Balancing Firewalls [7:59183] > > Actually, management change the diagram on me :( > > T1--->3640--->515UR with failover > T1--->3640--->^ > > Both T1s going into a single 515UR with a standby unit. > > I figured out the first scenario, I just thought of it as it as being in > different locations and use global load balancing on the LBs. > > This second scenario I don't know if it is possible, I would have 2 IPs > coming from the e0/0 on the router, into only 1 Pix interface which I > don't know if it is possible.... > > > -----Original Message----- > From: Brian Zeitz > Sent: Friday, December 13, 2002 12:03 PM > To: [EMAIL PROTECTED] > Subject: Load Balancing Firewalls [7:59183] > > I have just been given the task of setting up a website with load > balancing. > > > > > > T1 ---> 3640-------->Pix 515 UR+4E------>Load balancer > > T1 ---> 3640------->Pix 515 UR+4E-------->Load balancer > > > > The Pix 515 are separate full units, I got another on because I know you > cannot use the failover as an active unit. > > > > My load balancers are not active/active. But if I use them separately, > they can run independently. > > > > I need to run just one website like www.mydomain.com > > > > > My managers would like both T1s to be used, but can also act as a > failover. > > > > Can anyone give me any pointers or tell me of any pitfalls before I dive > into this task? > > > > I thought about HSRP, would this work if I had redundant firewalls? Can > you cluster pix firwalls? I don't think you can, I wish I could. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59474&t=59183 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
