Single firewall with core connections

Reply
clydef
L0 Member

Single firewall with core connections

I have a single firewall no HA at the moment which is connected to my 2 core routers which the routers running HSRP. How does Palo device know which device to send traffic to as it seems its sending too both causing asymmetrical routing.

Accepted Solutions
BPry
Cyber Elite

@clydef,

You should be sending the traffic to a common shared IP, for example we'll say 10.191.0.1. The standby ip and standby priority statements would take care of which core actually recieves the traffic at any given time. 

View solution in original post


All Replies
santonic
L5 Sessionator

PA sends traffic where you tell him too. You should tell him to send to cluster IP (or however it's called in HSRP). If that doesn't fix it then it's something wrong with your HSRP.

BPry
Cyber Elite

@clydef,

You should be sending the traffic to a common shared IP, for example we'll say 10.191.0.1. The standby ip and standby priority statements would take care of which core actually recieves the traffic at any given time. 

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!