High Availability Solution With Dual Nokia Ip40 - Nokia IP40 User Manual

Hide thumbs Also See for IP40:
Table of Contents

Advertisement

10
High Availability

High Availability Solution with Dual Nokia IP40

This scenario supplements the single device HA solution with VRRP to cater to device failures
at branch office coupled with dedicated link between the Nokia IP40 Security Platforms on
DMZ ports and internal BGP to synchronize the route updates from central office on both the
devices. The dedicated links between both Nokia IP40 devices is secured with IPSec VPN.
Nokia IP40 (R1) acts as the default virtual router for the branch office network, and is connected
to RO1 by using DSL or a cable connection (preferred path). If any service interruption occurs in
the R1 LAN , Nokia IP40 (R2) takes over as the default virtual router and forwards the branch
office traffic on the DMZ to RO1 securely. If the IP40 (R1) device fails, R2 becomes master and
dial-up is activated. Now R2 connects to RO2 and establishes a VPN connection. R2,and the
BGP peer (R4) located in RO2 establish a BGP connection over VPN, and the traffic from
branch office flows through this alternative path. As soon as IP40 (R1) detects the established
BGP session on the DSL connection, the dial-up connection to RO2 on R2 is discontinued.
136
Nokia IP40 Security Platform User's Guide v1.1

Advertisement

Table of Contents
loading

Table of Contents