Question : Physical wiring for hot stand-by

This might be one of those 'non-existent' dumb questions.

I have two firewalls (Astaro 220s) set up in Active-Passive mode. Currently I have a non-managed 1gb 5 port switch between tham and the cisco router provided by my LEC (voice/data provider). I have talked to my voice/data provider to see if they could some how bridge two ports on their router so that one connects to the Master firewall and the other connects to the hot stand-by - but they tell me that having the switch between them is the only option. I do not like having this additional single point of failure (the 5-port switch) when the whole reason for adding the hot stand-by was to do away with my firewall being a single point of failure.

So my question (dumb????) Is - what would happen if I physically built an ethernet Y-cable (no brains) splitting all 8 wires to both connections and connected both my firewalls directly to the ISP's router? It is my understanding that only one firewall (either master or hot-standby) would communicate through this cable at any given time- they do not both communicate at the same time.

Answer : Physical wiring for hot stand-by

Mr Rhodes, you last suggestion is correct, you can essentially just leave the firewall pair in place and simply have the "master" connected to the WAN. If the master fails, you would lose internet, but your local LAN would still function.

I still do not believe the Y cable with work. The problem I see is I am unsure if the router will be able to establish Layer 2 connection (namely valid ARP assignments). when you run through a switch even a dumb switch, every port has a single MAC address connected to it. The router then knows, hey to reach MAC address "2" and "3", I need to send it to MAC address "1". On the device with MAC address "1" its ARP table has "2" and "3" on separate ports that are directly directed allowing proper packet routing.

Your Y Cable is attempting to connect multiple MAC addresses to a single port and I am unsure how the router wand firewalls will deal with that.

Random Solutions

Store file in mysql using connector.net and blob field

Routing and remote access VPN ip.

Mass user Migrate from LCS to OCS 2007

Windows XP - BSOD STOP: C000021a The windows logon process terminated unexpectedly with a status of 0x00000005 (0x00000000 0x00000000)

Changing fileserver password

Insert one field or value as another

HP SAN drive fail

Install IIS with a vbs script.If supporting files needed pick from a predefined path.

download linux OS