使用模拟器模拟PIX做虚拟防火墙failover

Primary Unit Configuration
PIX Version 8.0(2) <system>
!
hostname pixfirewall
enable password 8Ry2YjIyt7RRXU24 encrypted
mac-address auto
!
interface Ethernet0
!
interface Ethernet1
!
interface Ethernet2
 description LAN/STATE Failover Interface
!
interface Ethernet3
!
interface Ethernet4
!
failover
failover lan unit primary
failover lan interface failover Ethernet2
failover lan enable
failover link failover Ethernet2
failover interface ip failover 11.11.11.11 255.255.255.0 standby 11.11.11.22
failover group 1
  preempt
failover group 2
  secondary
  preempt

admin-context admin
context admin
  allocate-interface Ethernet0
  allocate-interface Ethernet3
  config-url flash:/admin.cfg
  join-failover-group 1
!            

context test
  allocate-interface Ethernet1
  allocate-interface Ethernet4
  config-url flash:/test.cfg
  join-failover-group 2
!
Primary Unit Context admin Configuration
PIX Version 8.0(2) <context>
!
hostname admin
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address 1.1.1.1 255.255.255.0 standby 1.1.1.2
!
interface Ethernet3
 nameif inside
 security-level 100
 ip address 3.3.3.1 255.255.255.0 standby 3.3.3.2
!
monitor-interface outside
monitor-interface inside
route outside 0 0 1.1.1.254

 

Primary Unit Context Test Configuration
PIX Version 8.0(2) <context>
!
hostname test
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address 2.2.2.1 255.255.255.0 standby 2.2.2.2
!
interface Ethernet3
 nameif inside
 security-level 100
 ip address 4.4.4.1 255.255.255.0 standby 4.4.4.2
!
monitor-interface outside
monitor-interface inside
route outside 0 0 2.2.2.254

 

Secondary Unit Configuration
failover
failover lan unit secondary
failover lan interface failover Ethernet2
failover lan enable
failover interface ip failover 11.11.11.11 255.255.255.0 standby 11.11.11.22