Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  Best way to cable VC to HA firewalls for redundancy?

    Posted 05-27-2021 09:23
    I have a lab environment (learning Junos) and I'm looking for the best way to cable my virtual chassis switches to a pair of HA firewalls?

    I have two EX2200-C in a VCF and two Fortigate 61E Firewalls in a HA. How can I cable these bad boys up so if one device dies is doesn't bring the whole network down?

    Here is a rather poor drawing of what is I was thinking would work (I am no Picasso).


  • 2.  RE: Best way to cable VC to HA firewalls for redundancy?

    Posted 05-28-2021 10:10
    Hi fins, welcome to the wonderful Juniper world :)

    That cabling should work depending on how things are configured from a firewall zones perspective, how it handles the passive FW, etc.


    ------------------------------
    ALLYN CROWE
    ------------------------------



  • 3.  RE: Best way to cable VC to HA firewalls for redundancy?

    Posted 05-29-2021 05:39
    The cabling will depend on how the firewall side interfaces are used and what the firewall failover process is.  

    Your example is appropriate if this is a active/passive firewall pair
    And the two interfaces on each firewall are a single interface bundle with tags for the multiple zones

    But if the two interfaces are each untagged and single zone the setup will take down one side of your firewall if a single switch fails.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------