Cisco switch redundancy/failover with limited options

Posted on 2007-07-19
Last Modified: 2008-01-09
I am trying to configure my network to have no single points of failure.

I am looking to implement a clustered firewall; however, I am given one internet cable and one private network cable by my ISP where I host our current single firewall.

I have been thinking of how I can split each cable into 2 (2 internet cables, one to each firewall's WAN port, and 2 private network cables, one to each firewall's LAN port).

I have thought of setting up 2 Cisco switches in a failover config (I believe this is possible but have never done it before), then plugging one WAN and one LAN port from each firewall into separate switches.

However, I am stuck with the fact that I am given 1 cable for the internet side and one cable for the private network side and hence can only plug these into one of the switches, so I lose my redundancy in the case of switch failure.

Has anyone been in my situation before? Any other solutions that I am missing?


PS. Having my ISP configure VLANs on their switches to provide 2 network cables for internet and 2 network cables for private network is not possible due to my ISP's network architecture. They could do this for me if I was willing to change my public IP addresses; however, this would be a major project, so I'm trying to avoid this at all costs.
Question by: thegewse
    Accepted Solution

    In that case it is not possible to avoid the SPoF in your internet connection. You are right about using the switches to create a failover point within the network, but you do require 2 of every single connection to avoid the failures you are worried about.

    Author Comment

    I know that unfortunately you are correct, btassure. I was looking for an impossible solution!

