This is the first time I've messed around with a failover port on a switch. We have a single WAN coming into what is now dual redundant firewalls. We need to split the WAN at the 2530 switch we have so the HA firewall gets the WAN if the Main Firewall dies. I've programmed the switch thus far as follows, but I'm unsure of the coding in this case as I've never used smart-links before.
hostname "DUMMY Name"
encrypt-credentials
no telnet-server
time timezone -6
no web-management
web-management ssl
interface 1
name "Backbone to WAN"
unknown-vlans disable
exit
interface 2
name "Main Firewall"
unknown-vlans disable
exit
interface 3
name "Failover Firewall"
unknown-vlans disable
exit
snmp-server community "public" unrestricted
snmp-server contact "admin"
vlan 1
name "Main Firewall Link"
no untagged 4-10
untagged 3
tagged 1-2
no ip address
exit
vlan 2
name "Failover Firewall Link"
untagged 2,4-10
tagged 1,3
no ip address
exit
smart-link group 1
master 2
slave 3
preemption-mode role
preemption-delay 10
protected-vlans 1
exit
smart-link group 2
master 2
slave 1
preemption-mode role
preemption-delay 15
protected-vlans 2
send-control-vlan 2
exit
no tftp server
no dhcp config-file-update
no dhcp image-file-update
no dhcp tr69-acs-url
password manager
password operator
No comments:
Post a Comment