NetScreen Firewall (NSRP) configuration

Considering the netscreen of network devices, the design of a special backup "NetScreen Redundancy Protocol (NSRP)", Redundancy Protocol (NSRP) is a proprietary protocol supported on selected NetScreen devices that provides high availability (HA) services.

To normally play the role of a network firewall, the NetScreen device must be placed on a single point in which traffic must be passed between all segments. Therefore, it is essential to maintain flow uninterrupted flow, even in the event of a device or network failure.

All traffic flowing between the security sections of the trust sector must pass through the NetScreen device. Untrust section to ensure continuous flow of traffic, you can use a redundant cluster to connect and configure two NetScreen devices, one as the main device and the other as its backup. The primary device propagates all network and configuration settings and information from the current session to the backup device. When a primary device fails, the backup device is promoted to the main device and takes over the flow processing. In this case, the two devices are active/passive, the primary device is active, all firewalls and VPN activity is handled, the backup device is passive, and it is waiting for the main device to take over. However, if the NSRP protocol is required to function, the application port of the entire firewall must be connected with a cable line. Also, if you want to maintain a network connection that manages traffic for one or more physical interfaces of netscreen devices in the NSRP cluster.

NSRP for Active/passive configuration on existing networks:

One, the cable connection

1, all the physical ports on the firewall are connected to the switch port;

2. Connect the HA1 and HA2 ports of the firewall with 2 heartbeat lines.

Second, the active NSRP host configuration

Under the Web interface:

1, Network > Redundancy > Settings: Enter the following, and then click Apply:

Cluster id:1