Intrusion Prevention

  • 1.  IDP 250 redundancy of virtual router

    Posted 05-20-2015 09:12

    Hello ! Maybe anybody has done such network scenario with juniper idp ? 

    Is there the redundancy between virtual routers ( pair of interfaces)?

     

    For example, traffic goes through the top link ( and vr1). when link goes down , the second continues send traffic (vr2 in use )

     

     

    idp250.png



  • 2.  RE: IDP 250 redundancy of virtual router

    Posted 05-26-2015 01:54

    Hi,

     

    The task was really good, and would have to say your answer lies with a simple concept of IDP that is Peer port Modulator. When Peer port modulator is enabled, if any of the interfaces goes down with respect to Vr , then the sensor will automaticly make all the interface with respect to Vr will be down and obviously then the appropriate action wil take place.

     

    You can go through with the below KB. 

     

    KB7418

     

     

    Please accept as a solution if it really helps you.



  • 3.  RE: IDP 250 redundancy of virtual router

    Posted 05-26-2015 07:57

     Hello, THE HAMMER ! So Does it mean that such topology will work ? 

    In this case, are needed  any additional network settings in IDP250 ? Or nothing! 



  • 4.  RE: IDP 250 redundancy of virtual router
    Best Answer

    Posted 05-26-2015 10:18

    Yes it should work, however i have not tested in lab or in a network. remember the nicbypass and peer port module cant be configured on the same interface . 

     

     

     

     

     

     

     

     

     

     

    Accept as a solution.