Cisco Cisco IPS 4520 Sensor Weißbuch

Firewall

August 2012 Series

The tracked object should be in the primary ISP’s network. The point of
tracking an object in the primary ISP’s network is because if reachability to
this object is available, then all connectivity to that point is working, includ-
ing: the appliance’s connection to the customer premise router, the WAN
connection, and most routing inside the ISP’s network. If the tracked object
is unavailable, it is likely that the path to the primary ISP is down, and the
appliance should prefer the secondary ISP’s route.

Step 1:

Navigate to

Configuration > Device Setup > Interfaces

Step 2:

On the Interface pane, click

Add > Interface

Step 3:

In the Add Interface dialog box, in the

Hardware Port

list, choose

the interface configured in Step 4. (Example: GigabitEthernet0/3)

Step 4:

In the

VLAN ID

box, enter the VLAN number for the resilient Internet

VLAN. (Example: 17)

Step 5:

In the

Subinterface ID

box, enter the VLAN number for the resilient

Internet VLAN. (Example: 17)

Step 6:

Enter an

Interface Name

. (Example: outside-17)

Step 7:

In the

Security Level

box, enter a value of

Step 8:

Enter the interface

IP Address

. (Example: 172.17.130.124)

Step 9:

Enter the interface

Subnet Mask

, and then click

. (Example:

255.255.255.0)

Step 10:

On the Interface pane, click

Apply

Step 11:

Navigate to

Configuration > Device Management > High

Availability > Failover.

Step 12:

On the

Interfaces

tab, in the

Standby IP Address

column,

enter the IP address of the standby unit for the interface you just created.
(Example: 172.17.130.123)