From: Muhammad Saleem (msaleems@gmail.com)
Date: Mon Apr 11 2005 - 02:24:15 GMT-3
Thanks Scott Morris and Church, Chuck for your comments, I think the idea of
using content switch looks practical, I may be going to buy foundry or Cisco
content switch, the problem with Cisco content switch is they don't have
Gig-Interfaces while foundry has, for mid-range content switch.
thanks again,
Saleem
Networks Manager
KFUPM, KSA
----- Original Message -----
From: "Scott Morris" <swm@emanon.com>
To: "'Church, Chuck'" <cchurch@netcogov.com>; "'Muhammad Saleem'"
<msaleems@gmail.com>; <ccielab@groupstudy.com>
Sent: Sunday, April 10, 2005 5:39 PM
Subject: RE: Cisco Pix520 with MS ISA firewall togather
> Fail over implies there's a conversation between the two devices...
> There's
> nothing that's going to make a PIX and ISA server talk to each other.
>
> If you are dead-set on this type of combination, then your only plausible
> alternative is to use a content engine on each side (in and out) in order
> to
> watch connections going to and coming from one of the devices. This
> actually gives you active/active load balancing, but if/when the ISA
> server
> dies (grin) then the content engines would see that and everything would
> go
> to the PIX.
>
> HTH,
>
> Scott
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Church, Chuck
> Sent: Sunday, April 10, 2005 9:58 AM
> To: Muhammad Saleem; ccielab@groupstudy.com
> Subject: RE: Cisco Pix520 with MS ISA firewall togather
>
> I don't think PIXes support HSRP, and very sure that the MS server doesn't
> either. All of them DO support OSPF though. Why not have the router act
> as
> the default gateway, and have it learn default routes from both the PIX
> and
> the MS server. Adjust your cost to use the default that you want.
>
>
> Chuck Church
> Lead Design Engineer
> CCIE #8776, MCNE, MCSE
> Netco Government Services - Design & Implementation Team 1210 N. Parker
> Rd.
> Greenville, SC 29609
> Home office: 864-335-9473
> Cell: 703-819-3495
> cchurch@netcogov.com
> PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Muhammad Saleem
> Sent: Sunday, April 10, 2005 7:53 AM
> To: ccielab@groupstudy.com
> Subject: Cisco Pix520 with MS ISA firewall togather
>
> Dear CCIE Lab,
>
> Can I use Cisco Pix520 with MS ISA firewall together in Fail Over
> scenario,
> Not like real failover feature in Pix or ISA individually but how can I
> make
> it possible in other way, Can I use a router with HSRP feature with the IP
> addresses of Cisco Pix Firewall 520 and MS ISA firewall in it and provide
> a
> virtual IP addresses to my client as default gateway.
>
> I will appreciate urgent replies
>
> Saleem
>
> Networks Manager
>
> KSA
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:55 GMT-3