cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Wanted to check on the firewall cluster for the configuration sync across DCs, were primary DC is 1 1 HA and Secondary is 1 [all 3 of them are 4000 series] at perimeter and similar structure 1 1 on primary at core and 1 on secondary at core [12000 series]

Jump to solution

I have a scenario of two DCs 60 Kms apart with three levels of firewalls [Primary perimeter, core and intermediate are all 1+1 HA config while secondary DC is just 1 at perimeter, core and intermediate].

Perimeter is 4000 series and Core is 12000 series, just wanted to check if clusterXL can do the clustering across DCs with 1+1 at Primary and 1+1 at secondary DCs

Secondly, can traffic be managed as well with single virtual IP across the DC's ? [looking for an active/active scenario]

Please advice 

0 Kudos
1 Solution

Accepted Solutions
Employee
Employee

Re: Wanted to check on the firewall cluster for the configuration sync across DCs, were primary DC is 1 1 HA and Secondary is 1 [all 3 of them are 4000 series] at perimeter and similar structure 1 1 on primary at core and 1 on secondary at core [12000 ser

Jump to solution

If I am reading this correctly, you have DC1 with a HA cluster and want to add in a third member in DC2? Yes this can be done with several caveats. The network in DC1 & DC2 have to be the same IP space, the sync connection needs to be a layer-2 connection between the three and the latency needs to be <150 ms.

0 Kudos
1 Reply
Employee
Employee

Re: Wanted to check on the firewall cluster for the configuration sync across DCs, were primary DC is 1 1 HA and Secondary is 1 [all 3 of them are 4000 series] at perimeter and similar structure 1 1 on primary at core and 1 on secondary at core [12000 ser

Jump to solution

If I am reading this correctly, you have DC1 with a HA cluster and want to add in a third member in DC2? Yes this can be done with several caveats. The network in DC1 & DC2 have to be the same IP space, the sync connection needs to be a layer-2 connection between the three and the latency needs to be <150 ms.

0 Kudos