We are working to deploy 4xPA-VM 300 firewalls in our 2 DCs. We would like to have a pair of Active/Passive firewalls in each DC. We would then want these 4 firewalls to be in a cluster as well.
Our objective is to have complete redundancy across DCs and intra-DC as well, but these firewalls to work as logically same firewalls and achieve the horizontal scaling scaling as well. Since both the DCs, although diff locations act as a single DC due to common IP addressing and the virtual environment.
I am looking for some configuration steps or architecture around HA clustering. How does the IP addressing on these physicall different but logically same firewalls work? Would we need to create a Virtual IP that at as a gateway for the network to send the traffic to and then the 2 active/passive pairs in cluster load-balance it?
How does clustering work in case of failures, is there a concept of floating/virtual IPs in it or would I need different IP addressing on the HA pairs in each DC.
Any help would be appreciated, couldn't find much in Palo docs except how to configure it.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!