[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Fail over on two Cisco 2948GL3 switches
Hey all Maybe this is more of a Cisco problem, but just in case. I was wondering if any of you guys have had the same problem and know of a solution. We have two FW-1-4.1-sp2 on two NT4-sp6a servers with a StoneBeat303 HA fail over. The internal NICs are connected directly to the same vlan on two Cisco 2948GL3 switches, one firewall on each, and from the vlan we route traffic to and from our internal net on another vlan on the same switches. The same goes for the external FW-NICs. They're connected to their own vlan to which our two Internet routers are also connected. As you can see we're trying to avoid any SPF. Unfortunately the fail over doesn't work. The Switch is made, but the traffic keeps trying to go through the primary switch instead of the secondary. We reduced keep alive and TTL to next to nothing on the vlans and we've disabled spanning tree also. Strangely enough the fail over sometimes works from the secondary to the primary firewall, but not every time. Is this something any of you are familiar with? I'm pretty sure it's at Cisco problem, but any input will be appreciated. Sincerely -------------------------------------------- Kim S. Lohse, CCSA Security & System Administrator -------------------------------------------- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|