Hi, I want to setup a high availability firewall using two identical servers. If there is some information on how this has been done before, I would welcome any pointers. My own idea involves using HeartBeat to switch the active IP address between the two firewalls. This will effectively create a "active/passive" system, where the passive firewall is simply a hot standby in case the primary fails. Any thoughts? Thanks, Baldur ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Hmm teaches me to search the archive first - I see this question as just been asked. Sorry about that, never mind. Baldur Baldur Norddahl wrote:>Hi, > >I want to setup a high availability firewall using two identical >servers. If there is some information on how this has been done before, >I would welcome any pointers. > >------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Baldur Norddahl wrote:> Hi, > > I want to setup a high availability firewall using two identical > servers. If there is some information on how this has been done before, > I would welcome any pointers. > > My own idea involves using HeartBeat to switch the active IP address > between the two firewalls. This will effectively create a > "active/passive" system, where the passive firewall is simply a hot > standby in case the primary fails.Documentation of my experiences here: http://linuxman.wikispaces.com/Shorewall+basic+failover+with+heartbeat -- Paul <http://paulgear.webhop.net> -- Did you know? Email is not private and can be viewed by your ISP, the recipient''s ISP, and possibly other parties. You can make sure your emails are private by using GNU Privacy Guard <http://www.gnupg.org> and an email plug-in like Enigmail <http://enigmail.mozdev.org>. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV