F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100
339
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 65 0 10.1.1.100 GE1/2
Static Routing table Status : < Inactive>
Summary Count : 1
Destination/Mask Proto Pre Cost NextHop Interface
120.1.1.0/24 Static 60 0 12.1.1.2 GE1/1
The output shows that Firewall A communicates with Firewall B through Router.
626BBFD for static routes configuration example (indirect next hop)
The following matrix shows the configuration example and hardware compatibility:
Hardware Exam
p
le a
pp
licable
F1000-A-EI/F1000-S-EI No
F1000-E No
F5000 Yes
Firewall module No
U200-A No
U200-S No
1343BNetwork requirements
In 2523HFigure 242, Firewall A has a route to interface Loopback1 (2.2.2.9/32) on Firewall B, with the output
interface GigabitEthernet 1/1. Firewall B has a route to interface Loopback1 (1.1.1.9/32) on Firewall A,
with the output interface GigabitEthernet 1/1. Router D has a route to 1.1.1.9/32, with the output interface
GigabitEthernet 1/1, and a route to 2.2.2.9/32, with the output interface GigabitEthernet 1/2.
Configure a static route to subnet 120.1.1.0/24 on Firewall A, and configure a static route to subnet
121.1.1.0 / 24 o n Fi r e w a l l B. E n a b l e B F D f o r b o t h r o u t e s . C o n f i g u r e a s t a t i c r o u t e t o s u b n e t 12 0 .1.1.0 / 24
and a static route to subnet 121.1.1.0/24 on both Router A and Router B. When the link between Firewall
A and Router B through Router B fails, BFD can detect the failure immediately and inform Firewall A and
Firewall B to communicate through Router A.