- Bronze, 100 points or more
I'm working with 2 4260 and a 4270, I will be implementing vlan pair and I would like to know what happens with the traffic if for any reason the IPS fails. Lets say that the failure is due to a power issue.
Yes. You want to create a stand by path between VLAN 310 and 311 in the switch.
Add an additional interface to each VLAN on the switch, cable them together with an ethernet patch cable.
Turn on Spanning Tree Protocol on VLAN 310 and 311 and set the "fail-over" path thru your patch cable to a higher STP cost.
Once the STP BTDU's fail to pass thru the IPS sensor, the stand by path thru the fail over cable will be enabled.
You'll have to play with the timing options to get it to happen in less than the standard STP of 15 seconds or so.