Hello everyone,
First of all, thank you for your time and response.
We have 2 ISP managed circuit routers with HSRP monitoring WAN links and VIP as gateway for the ingress traffic. We forward all the traffic to VIP. We have 1 handoff from each of the routers. We also have 2 Palo-alto firewall running in active-passive state.
Currently to make the configuration work, we have a Extreme switch sitting in the between of router and firewalls and connecting 2 handoff from router and 2 links to the firewall, creating a single point of failure.
This switch actually has a peer switch with MLAG configuration, but we are unable to come up with a way, where we can have it redundant over both the switches. I have attached diagram of the same.
Is there a way to remove this single point of failure?
Thank you!
