Friday, July 27, 2018

Router(HSRP) -> Redundant Firewall Connection

We are currently evaluating a design which will implement two redundant routers (A - Primary & B - Backup) that are currently using HSRP with two redundant firewalls (FA - Primary & FB - Backup). So the design is roughly the following:

A -> FA
B -> FB
A & B are interconnected
FA & FB are interconnected

The firewalls are going to be in routing mode and will be sitting between 3 different subnets. After a lot of research it sounds like it's best practice to have an L2 switch between the firewalls and routers.

My question is if this design is practical or achievable. I'm worried that having two directly connected L3 devices (routers and firewalls) will have adverse consequences while using HSRP. However, I don't have enough networking expertise to dissect this and I haven't been able to find enough information on this specific design. Any help would be appreciated. Thank you.


