I run hsrp at my core and we want to add two firewalls for redundancy purposes (see pic)
The vendor told me that the firewalls will be using its HA feature. In other words, the two firewalls will have the exact configuration and they will backup each other. They can be seen as one firewall and have a virtual IP address 10.20.20.100. The vendor also said that the link between the firewalls and the core switches will be layer 2. Now I am not sure what to think of this as my core switches are layer 3 switches. They will have a default gateway pointed to the firewall virtual IP address. Does anybody have this type of setup? If yes, does it work ok?