IPS & HSRP issue between 2 routers

Apr 8th, 2009

Hi guys,


I connected an IPS in inline mode (check the attached diagram to see how the IPS is connected). After connecting it, internet and everything was working fine except HSRP; the routers can't see each other.


I tried to bypass the traffic (disable inspection), but I am again facing the same issue.


Any solution?


Regards,




marcabal (Cisco Employee) Wed, 04/08/2009 - 15:26

I have not heard of any problems where a sensor would affect HSRP, especially while in Software ByPass ON mode.


If you are using the Copper ByPass NICs, and not the Fiber NICs, then the next thing I would recommend is physically powering off the sensor.

This will turn on the Hardware ByPass within the NICs.

The links will drop.

When the links come back up the Routers will link directly to the switches instead of the sensor (in Hardware ByPass the sensor's interfaces just patch together the 2 network cables.)


If HSRP starts working when the sensor is powered off, but does not work when the sensor is powered up with ByPass set to ON, then this would be a very unique issue and will likely need assistance from the TAC for further debugging.


If HSRP still doesn't work with the sensor powered off, then it is less likely to be a sensor-caused issue.

Did any configuration on your routers or switches change when you were deploying your sensors? Maybe one of those changes is causing the HSRP issue?


ramikamel911 Fri, 04/10/2009 - 07:06

Hi marcabal,


Thanks for your reply. Actually I did as you suggested: I turned off the sensor from the IPS software ("shut-down sensor"), and I also put the bypass mode in On mode, but hardware bypass didn't work and I was not able to access the IPS, and still HSRP didn't work and everything was down.


So I turned off the IPS then turned it on, and when it came up, HSRP worked fine and both routers saw each other.


But a strange thing happened: users lost internet connectivity, so I put bypass mode on again ("not to inspect the traffic") and internet came back again. Anyhow, HSRP wasn't affected, but internet was.


What is your opinion on what happened?


Regards

