FWSM supports two failover configurations, Active/Active failover and Active/Standby failover. Each failover configuration has its own method for determining and performing failover. With Active/Active failover, both units can pass network traffic. FWSM supports two failover configurations, Active/Active failover and Active/Standby failover. Each failover configuration has its own method for determining and performing failover. With Active/Active failover, both units can pass network traffic. This lets you configure load balancing on your network. For network resilience, the Cisco FWSM supports high-speed failover between modules within a single Cisco Catalyst or Cisco chassis (intrachassis) and between modules in separate chassis (interchassis), offering customers complete flexibility in their firewall deployments.
1 The FWSM does not support the supervisor 1 or 1A.. 2 When you use Catalyst OS on the supervisor, you can use any of these supported Cisco IOS software releases on the MSFC. When you use Cisco IOS software on the supervisor, you use the same release on the MSFC. The information in this document was created from the devices in a specific lab environment. The Cisco Firewall Services Module (FWSM) is a module that installs into the a Catalyst switch, and connects via 6 x 1 gigabit ethernet channel bonded into a single Etherchannel on the backplane. Delivering up to 6 gigabits per second at less than W in a C chassis it has got some potential as a high performance firewall. Install the patch on existing paired HA servers using manual failover. This is the method Cisco recommends if you already have HA set up. Install the patch on existing paired HA servers using automatic failover. For details on each method, see the Related Topics.
example, you can upgrade one unit from Version (1) to Version (2) and have failover remain active. Cisco recommends to upgrade both units to the same version to ensure long−term compatibility. Minimal FWSM Configuration for Stateful Failover Primary FWSM failover lan unit primary failover lan interface if_name vlan vlan. FWSM—The management IP address (recommended), the username and passwords, and the type of discovery you want to perform. If the FWSM is the second device in a failover pair, select Do Not Discover Module for the failover module. (Security Manager always manages the active admin context, regardless of whether you added the primary or secondary. Configuring Failover. This chapter describes the FWSM failover feature, which lets you configure two FWSMs so that one will take over operation if the other one fails. Failover is compatible with both routed and transparent firewall modes, and with single and multiple context modes. For sample failover configurations, see the "Failover Example.
0コメント