Cisco Systems 535 user service Installing LAN-Based Failover

Page 9

Chapter 7 PIX 535

Installing LAN-Based Failover

Caution Do not turn the power on until the units are connected and the primary unit is configured completely.

Step 7 Power the primary unit on first, then power on the secondary unit. Within a few seconds, the active unit automatically downloads its configuration to the standby unit.

If the primary unit fails, the secondary unit automatically becomes active.

Note All enabled interfaces must be connected between the active and standby units. Only configure the active unit. On the PIX 535, the active unit is indicated by the ACT LED on the front panel (see Figure 7-1).

Installing LAN-Based Failover

LAN-based failover supports failover between two units connected over a dedicated Ethernet interface. LAN-based failover eliminates the need for a special failover cable and overcomes the distance limitations imposed by the failover cable.

Note Both PIX security appliances must be the same model number, have the same amount of RAM, Flash memory, number and type of interfaces, and be running the same software version.

To set up a LAN-based failover connection, perform the following steps:

Step 1 Disconnect both PIX security appliance, so that there is no traffic flow between them. If the failover cable is connected to the PIX security appliance, disconnect it.

Step 2 Configure the PIX security appliance for LAN-based failover. Refer to the chapter on configuring LAN-based failover in the configuration guide online at:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_configuration_guides_list.html

Step 3 Power off both units.

Step 4 Connect the LAN failover interfaces to the dedicated switch/hub, as shown in Figure 7-6.

Note A dedicated LAN interface and a dedicated switch (or VLAN) is required to implement LAN-based failover. You cannot use a crossover Ethernet cable to connect the two PIX security appliances.

Cisco PIX Security Appliance Hardware Installation Guide

 

78-15170-03

7-9

 

 

 

Page 8 Page 10
Image 9
Page 8 Page 10
Contents PIX 535 Product Overview PIX1shows the front view of the PIX LEDs State Description PIX 535 Network Interface Description Installing the PIX Before Installing the PIXMounting the PIX PIX 535 Network Interface Installation PIX 535 Feature LicensesVPN Accelerator Card+ VPN Accelerator CardPIX 535 Failover Cable Connection Installing FailoverInstalling LAN-Based Failover LAN-Based Failover Connections Replacing a Lithium BatteryInstalling a Memory Upgrade System Memory Location on the PIX 535 Component Tray Inserting a Dimm Memory Strip in the PIX PIX 535 Circuit Board Options Installing a Circuit Board in the PIXRestricted Interface Options Unrestricted Interface Options 10 PIX 535 Back Panel Detail Circuit Board Slot Description11 The Component Tray at the Back of the PIX Installing a Circuit Board12 4-Port Circuit Board Overlap MB Flash Circuit Board13 16 MB Flash Circuit Board Gigabit Ethernet Circuit Board VPN Accelerator Circuit Board15 Gigabit Ethernet Circuit Board Installing the PIX 535 DC Model16 Attaching a Grounding Lug to the PIX 535 DC PIX Installing the PIX 535 DC Model
Top Page Image Contents