Configuring Cisco Stateful Interchassis Redundancy | NAT & Zone Based Firewall State Synchronization

Channel:
United States Robert Mayer
Subscribers:
6,570
Published on ● Video Link: https://www.youtube.com/watch?v=z1O0fPjn-tU


Duration: 32:36
2,626 views
38

In this video I will show you how to configure Cisco Stateful Interchassis Redundancy. This video also includes the configuration needed to sync NAT translations and Zone Based Firewall states between two Cisco firewall enabled routers.

If you're looking to get straight to the point, skip ahead to 5:14

Looking to learn how to configure NAT and ZBF on a Cisco router? Below are some links to my other videos:

Configure NAT on a Cisco router: https://youtu.be/KYsHi9u_BmI
Configure ZBF on a Cisco router: https://youtu.be/h-fW0OnKlc8

Below are some basic commands for reference purposes:

RTR-FW1
---------------
FW1# en
FW1# conf t
FW1(config)# redundancy
FW1(config-red)# application redundancy
FW1(config-red-app)# group 1
FW1(config-red-app-grp)# name RG1
FW1(config-red-app-grp)# priority 105
FW1(config-red-app-grp)# preempt
FW1(config-red-app-grp)# data gi0/7
FW1(config-red-app-grp)# control gi0/7 protocol 1

FW1(config)# int gi0/0
FW1(config-if)# redundancy rii 100
FW1(config-if)# redundancy group 1 ip 192.168.2.252 exclusive decrement 100

FW1(config)# int gi0/1
FW1(config-if)# redundancy rii 200
FW1(config-if)# redundancy group 1 ip 192.168.255.1 exclusive decrement 100

FW1(config)# ip nat inside source list NAT pool ISP1 redundancy 1 mapping-id 100 overload

FW1(config)# parameter-map type inspect global
FW1(config-profile)# redundancy

RTR-FW2
---------------
FW2# en
FW2# conf t
FW2(config)# redundancy
FW2(config-red)# application redundancy
FW2(config-red-app)# group 1
FW2(config-red-app-grp)# preempt
FW2(config-red-app-grp)# data gi0/7
FW2(config-red-app-grp)# control gi0/7 protocol 1

FW2(config)# int gi0/0
FW2(config-if)# redundancy rii 100
FW2(config-if)# redundancy group 1 ip 192.168.2.252 exclusive decrement 100

FW2(config)# int gi0/1
FW2(config-if)# redundancy rii 200
FW2(config-if)# redundancy group 1 ip 192.168.255.1 exclusive decrement 100

FW2(config)# ip nat inside source list NAT pool ISP1 redundancy 1 mapping-id 100 overload

FW2(config)# parameter-map type inspect global
FW2(config-profile)# redundancy

Did you find this content helpful? Let us know - https://www.rmtechcentral.com/contribute

Website: https://www.rmtechcentral.com
Contact: https://www.rmtechcentral.com/contact



Other Videos By Robert Mayer


2021-05-22802.1Q Tunneling (Q-in-Q) | Brief Overview and Sample Configuration
2021-05-20Cisco ASA Firewall Active/Standby Failover Configuration
2021-05-03What Is Proxy ARP? | Proxy ARP Example
2021-04-26Spanning Tree Protocol | Root Bridge Election | Port Selection | Why Layer 2 Loops are Undesirable
2021-04-09Configuring a Client to Site IPSec VPN Tunnel on a Cisco ISR Router
2021-03-04How To Configure Dual ISP Failover on a Cisco Router With a Dynamic Public IP Address
2021-01-28IP Subnetting - Part 3 | Reverse Engineering a Subnet Mask | Bitwise AND Operation
2020-12-19IP Subnetting - Part 2 | Subnetting Based on Network Requirement
2020-12-17IP Subnetting - Part 1 | Subnetting Based on Host Requirement
2020-10-29MPLS, VRFs, and Multiprotocol BGP | Basic Configuration
2020-06-25Configuring Cisco Stateful Interchassis Redundancy | NAT & Zone Based Firewall State Synchronization
2020-06-18Configuring "Router on a Stick" | Cisco Networking
2020-06-12Configuring and Explaining HSRP + Interface Tracking | Network Redundancy
2020-06-07Configuring Zone Based Firewall on a Cisco IOS Router | Very Basic Cisco Networking 101 - Part 3
2020-05-30How MAC Addresses Are Managed Using NIC Teaming in Switch Independent Mode on Windows Server
2020-05-29Configuring Multi Homed NAT, IP SLA, and OSPF Default Route Redistribution Using Route Maps
2020-05-28Configuring DHCP on a Cisco IOS Router | Very Basic Cisco Networking 101 - Part 2
2020-05-28Configuring NAT on a Cisco IOS Router | Very Basic Cisco Networking 101 - Part 1
2019-06-26Thinking About Making an In-Depth Video of My Network... Let me know in the comments.
2019-01-30How to Run Microsoft Hyper-V 2012 From a USB Thumb Drive (Download in description)
2018-11-14Doom 2016 Gameplay - No Commentary - Part 3


Tags:
Stateful Interchassis Redundancy
Cisco
Stateful NAT
Firewall
Firewall Sync
HA
High Availability
Zone Based Firewall
CCNA
CCNP
CCIE