Hello ML,
I have a network scenario like this below:
[M7i]--|
|---WAN---[Cisco]
[M7i]--|
Between Cisco and both JNPR I have to establish IPsec tunnels, one for each
M7i. Configurations work great, but I have a problem: how to make Cisco router
discover a faulty M7i and the redundant M7i take up the IPsec tunnel? First, I
thought to configure the DPD on Cisco ( IKE keepalive). When Cisco doesn't
receive a: "R_U_THERE" hello answer, it should engage the second end-point: did
you ever tried this?, does it work?
The second possibility is to make the Cisco establish IPsec tunnel to a VRRP
address: once again, do yuo have some experience about this?
Thnks a lot for your patience and help.
Ciao
MAX
--
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com
Powered by Outblaze
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
