[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 183
  • Last Modified:

Can we setup a second firewall to give the public redundant access to a web server?

We have a 10mbps connection coming into a client's site.  A Sonicwall firewall sits on that connection and behind it a web server on the LAN.  The client also happens to have a DSL connection into that building.  So for redundancy purposes they asked if they could get that DSL connection to act as another gateway TO the web server sitting on that LAN.  Would it be as simple as:

1. Setting up the second firewall with its WAN configured to a STATIC IP on the DSL.
2. Setting up the second firewall with its LAN side configured to an unused STATIC IP on the same LAN as the first firewall and web server.
3. Creating another A record in the domain's DNS zone record for the WWW traffic to reflect the DSL's static IP address?

  • 2
1 Solution
What is the model of the SonicWALL appliance?

You can set up WAN failover on some models so that if one connection fails then it will automatically switch to the secondary connection.  You will of course have to set up DNS as well so that in the event of a failover the secondary connection can be reached and used externally.
lmkandiaAuthor Commented:
We wish to use the 2 firewalls independently of each other.  The first firewall is an NSA model, more than capable of doing the failover on its own.  But we wish to implement the second firewall, a TZ180 I believe, as a second live firewall accessing the same web server simultaneously.  Does the above design sound ok?  Or is there a flaw in there somewhere?
So long as you make sure the DNS and routing entries properly have it all point to the web server then absolutely.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now