We have a HA fw 3220 in our environment and our partner want to access some of our resources. They propose a PA-440 fw + small 12-port-Cisco 3560 in between the two sites by dark fiber.
Just wonder if you can setup FWs back to back instead of having a switch in between ie a extra point of failure?
is the Gateway going to be the switch or the FW440 behind it?
Any suggestion are much appreciated.
I do not believe any of the PA4xx series including SFP ports, to connect up to fiber. A media converter would work in lieu of a switch, but it is still a Single Point of Failure....
Why not configure the FW to setup a site to site VPN to more securely connect.
Why not configure Global Protect and control where the users are allowed to client vpn into?
Why not configure clientless VPN and let the outside team use the FW to proxy internally inside of your network.
Lots o' questions.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!