02-20-2021 02:41 AM
Hello,
I'm doing an active/passive set up with BGP. I will have a router to a the active FW. I will have different router to the passive FW. The second FW will only have BGP peers up when the active FW fails.
I am going to have VLANS for the HA 1 and HA2 links.
Do I need to have the data planes (data port dmz interfaces) spanned across the FWs are well?
For example,
FW A interface 1 is 10.0.0.1/24 in Vlan A
FW B interface 1 is 10.0.0.1/24 in Vlan A
Does VLAN A need to be connected between the FWs?
02-20-2021 03:47 PM
assuming the same servers will be reached when firewallB becomes active, yes you will need a vlan to span the DMZ
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
