For some reason I can't find a good way to do this, and I feel like it should be pretty simple. I have two Cisco ASA 5515-X firewalls in an Active/Standby configuration. Upstream, I have one WAN router (which I control) that hosts a GRE tunnel to the rest of the world. Somehow I need to connect both firewalls to the one router and have the failover work correctly.
I have seen plenty of documentation on how to accomplish this with both firewalls connecting to a switch which then connects to the WAN, but a direct connection to a router isn't common. Any ideas?
I figured that I could assign each firewall a separate transit /30 network and uplinking each one to the WAN router that way, but I don't see how to assign the standby firewall an entirely different WAN subnet.
No comments:
Post a Comment