- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-05-2024 08:38 AM
Hi All,
In PA active / active configuration, what will happen if there is no virtual address is configured.
I am seeing there are two ISP configured in each one in each firewall. Is it right way to configure it.
08-05-2024 09:25 AM
hi @Edsnow
So depends of use cases
You will use the following guide with the use cases
08-05-2024 09:25 AM
hi @Edsnow
So depends of use cases
You will use the following guide with the use cases
08-05-2024 10:27 PM
Hi Alenjandro,
Thanks for the reply,
In this case if,I choose to Active/active with route-based redundancy, Where the routing decision will be made. In router or Firewall.
08-06-2024 08:15 AM
hi @Edsnow
For route-based redundancy:
In a Layer 3 interface deployment and active/active HA configuration, the firewalls are connected to routers, not switches. The firewalls use dynamic routing protocols to determine the best path (asymmetric route) and to load share between the HA pair. In such a scenario, no floating IP addresses are necessary. If a link, monitored path, or firewall fails, or if Bidirectional Forwarding Detection (BFD) detects a link failure, the routing protocol (RIP, OSPF, or BGP) handles the rerouting of traffic to the functioning firewall. You configure each firewall interface with a unique IP address. The IP addresses remain local to the firewall where they are configured; they do not move between devices when a firewall fail
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!