Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 15 Using Failover
Failover Configuration Example
Example 15-1 lists the typical commands in a failover configuration. The example is for multiple
context mode and shows one context, the admin context. For single context mode, combine the two
configurations and remove the admin-context command and the context commands.
Example 15-1 Failover Configuration
System Configuration:
hostname FWSM
enable password farscape
password crichton
admin-context adminctxt
context adminctxt
allocate-interface vlan200
allocate-interface vlan201
config-url disk:/adminctxt.cfg
failover lan interface faillink vlan 10
failover link statelink vlan 11
failover lan unit primary
failover interface ip faillink 192.168.253.1 255.255.255.252 standby 192.168.253.2
failover interface ip statelink 192.168.253.5 255.255.255.252 standby 192.168.253.6
failover interface-policy 1
failover replication http
failover
Context Configuration:
nameif vlan200 outside security0
nameif vlan201 inside security100
enable password aeryn
password rygel
telnet 192.168.2.45 255.255.255.255    [A host on the context network, not shown]
ip address outside 209.165.201.1 255.255.255.224 standby 209.165.201.2
ip address inside 192.168.2.1 255.255.255.0 standby 192.168.2.2
monitor-interface inside
monitor-interface outside
global (outside) 1 209.165.201.3 netmask 255.255.255.224
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 209.165.201.5 192.168.2.5 netmask 255.255.255.255 0 0
access-list acl_out permit tcp any 209.165.201.5 eq 80
access-group acl_out in interface outside
route outside 0 0 209.165.201.4 1
Example 15-2 shows the configuration for the secondary module.
Example 15-2 Failover Configuration: Secondary Unit
failover lan interface faillink vlan 10
failover lan unit secondary
failover interface ip faillink 192.168.253.1 255.255.255.252 standby 192.168.253.2
failover
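The following Python check is an added example, not part of the Cisco guide: it compares the failover commands of Examples 15-1 and 15-2 and reports where the secondary unit's configuration disagrees with the primary's. The function names and the rule set (distinct unit roles, identical failover lan interface and failover interface ip lines, standby address inside the link subnet) are assumptions drawn from those two examples.

```python
import ipaddress

# Failover commands copied from Example 15-1 (system configuration).
PRIMARY = """\
failover lan interface faillink vlan 10
failover link statelink vlan 11
failover lan unit primary
failover interface ip faillink 192.168.253.1 255.255.255.252 standby 192.168.253.2
failover interface ip statelink 192.168.253.5 255.255.255.252 standby 192.168.253.6
failover
"""
# Commands copied from Example 15-2 (secondary unit).
SECONDARY = """\
failover lan interface faillink vlan 10
failover lan unit secondary
failover interface ip faillink 192.168.253.1 255.255.255.252 standby 192.168.253.2
failover
"""

def failover_cmds(config):
    """Return whitespace-normalized lines whose first word is 'failover'."""
    lines = (" ".join(raw.split()) for raw in config.splitlines())
    return [l for l in lines if l.split(" ")[0] == "failover"]

def check_pair(primary, secondary):
    """Return a list of problems; an empty list means the two units agree."""
    p, s = failover_cmds(primary), failover_cmds(secondary)
    problems = []
    for unit, cmds in (("primary", p), ("secondary", s)):
        if f"failover lan unit {unit}" not in cmds:
            problems.append(f"{unit}: missing 'failover lan unit {unit}'")
        if "failover" not in cmds:
            problems.append(f"{unit}: failover is not enabled")
    # Both units must define the same failover LAN interface and VLAN.
    lan = [c for c in p if c.startswith("failover lan interface ")]
    if len(lan) != 1 or lan[0] not in s:
        return problems + ["failover lan interface missing or differs between units"]
    name = lan[0].split()[3]  # 'faillink' in the examples
    # Both units carry the same active/standby address pair for that link.
    ip = [c for c in p if c.startswith(f"failover interface ip {name} ")]
    if len(ip) != 1 or ip[0] not in s or len(ip[0].split()) != 8:
        return problems + [f"failover interface ip {name} missing, malformed or differs between units"]
    active, mask, _, standby = ip[0].split()[4:]
    net = ipaddress.ip_network(f"{active}/{mask}", strict=False)
    if active == standby or ipaddress.ip_address(standby) not in net:
        problems.append(f"{name}: standby address is not a distinct host in {net}")
    return problems

if __name__ == "__main__":
    print(check_pair(PRIMARY, SECONDARY) or "failover pair is consistent")
```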