Firewall

2
Firewall ISP B Network_B_Publ ic ISP A Network_A_Pub lic Users Pc’s R1 Active router R2 Standby router Server Farm Fa0/0 Fa0/0 Fa0/1 not used currently Same Subnet Default gateway firewall inside interface Firewall Default gateway is HSRP address of R1 and R2 Sw 1 Sw 2

description

ISP A Network_A_Public. ISP B Network_B_Public. Fa0/1 not used currently. R2 Standby router. R1 Active router. Fa0/0. Fa0/0. Same Subnet. Sw 1. Sw 2. Firewall Default gateway is HSRP address of R1 and R2. Firewall. Default gateway firewall inside interface. Users Pc’s. - PowerPoint PPT Presentation

Transcript of Firewall

Page 1: Firewall

Firewall

ISP BNetwork_B_Public

ISP A Network_A_Public

Users Pc’s

R1 Active router R2 Standby router

Server Farm

Fa0/0 Fa0/0

Fa0/1 not used currently

Same Subnet

Default gateway firewall

inside interface

Firewall Default gateway is HSRP address of R1 and R2

Sw 1 Sw 2

Page 2: Firewall

Connectivity Description

• R 1 and R2 are internet routers with Network_A and Network_B routed respectively by ISP

• NAT done on both routers

• Public addresses undergo NATing once again in firewall and then packets reach the server farm.

• When packets are returning back , their source address is changed in firewall and then those are directed to default gateway. That is R1 and R2 HSRP address of Fa0/0.

• Packets those arrived from router 2 must leave from router 2 serial link. So that those will undergo proper NAT. ( in this case a source address ISP B ).

• In order to do this a policy based routing is applied on the fa0/0 of R1. This policy routes the packets to fa0/0 of R2 those were arrived from ISP B

• In this case can we bundle fa0/0 and fa 0/1 of each router so that redundancy will be achieved.

• Can HSRP be formed on such bundled interface , in case R1 fails to work