External switch for multi-wan
I have a firecluster set up with one switch connected to both boxes on the external interface, and one on the internal. I am going to get a second internet connection. Can I just connect both of those to the external switch?
- Greg Gilbraith
Best Answer
One switch per external interface, please - either physical or logical - a single managed switch could handle all the Firebox interfaces for both cluster members, but you need to make sure that each Firebox interface is on a separate VLAN.
- Greg Gilbraith
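The rule in the answer above (each Firebox interface on its own VLAN when one managed switch carries them all) can be checked against a port plan before cabling. This is an added example, not part of the original thread or any WatchGuard tooling; the port names, device names, interface labels and VLAN IDs are constructed, and it assumes both cluster members' matching interfaces share a segment, as in the question's existing setup.

```python
from collections import defaultdict

# Constructed port plan for one managed switch: port -> (device, interface, access VLAN).
# Device names, interface labels and VLAN IDs are illustrative assumptions.
GOOD_PLAN = {
    "Gi1/0/1": ("isp1-modem", "External-1", 10),
    "Gi1/0/2": ("firebox-a", "External-1", 10),
    "Gi1/0/3": ("firebox-b", "External-1", 10),
    "Gi1/0/4": ("isp2-modem", "External-2", 20),
    "Gi1/0/5": ("firebox-a", "External-2", 20),
    "Gi1/0/6": ("firebox-b", "External-2", 20),
    "Gi1/0/7": ("firebox-a", "Trusted", 30),
    "Gi1/0/8": ("firebox-b", "Trusted", 30),
}

# The layout the question asks about: both ISP links on the one external segment.
FLAT_PLAN = {port: (dev, iface, 10 if iface.startswith("External") else vlan)
             for port, (dev, iface, vlan) in GOOD_PLAN.items()}


def check_plan(plan, members=("firebox-a", "firebox-b")):
    """Return violations of 'each Firebox interface on its own VLAN'."""
    vlans_by_iface = defaultdict(set)    # interface -> VLANs its ports sit in
    ifaces_by_vlan = defaultdict(set)    # VLAN -> interfaces sharing it
    members_by_iface = defaultdict(set)  # interface -> cluster members cabled
    for port, (device, iface, vlan) in plan.items():
        vlans_by_iface[iface].add(vlan)
        ifaces_by_vlan[vlan].add(iface)
        if device in members:
            members_by_iface[iface].add(device)
    problems = []
    for iface, vlans in sorted(vlans_by_iface.items()):
        if len(vlans) > 1:
            problems.append(f"{iface}: ports split across VLANs {sorted(vlans)}")
        missing = set(members) - members_by_iface[iface]
        if missing:
            problems.append(f"{iface}: not cabled to {sorted(missing)}")
    for vlan, ifaces in sorted(ifaces_by_vlan.items()):
        if len(ifaces) > 1:
            problems.append(f"VLAN {vlan}: shared by {sorted(ifaces)}")
    return problems


if __name__ == "__main__":
    for name, plan in (("separate VLANs", GOOD_PLAN), ("flat", FLAT_PLAN)):
        print(name, check_plan(plan) or "OK")
```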
Answers
Doesn't it defeat the purpose to have a firecluster if you then create a single point of failure outside of it by using a single switch?
This may have been a test posting on the new forum - since this post was in May 2018, well before this forum was opened for general use in April 2019, and Greg is WG staff.
Yes, a single managed switch would introduce a single point of failure.
Keep in mind your ISP hardware can typically only hand-off to a single device.
It doesn't defeat the purpose of a firecluster, rather it moves the single point of failure 'upstream' to another device. Having a firecluster mitigates the risk of a firewall dropping dead/failing.