Hi Folks, SRX3600 in chassis cluster is running on core side and having 200 branches (with SSG140) connected to it on IPSEC tunnels. Every branch has two link with different ISPs (primary and secondary) and the whole cloud (of ISPs) is on MPLS. every branch is connected to core with primary and backup VPNs and so primary and backup VPN are configured on Core SRX3600 with primary and backup ISPs
On core side, let say I have two interface on SRX3600 first is reth3.1 for ISP1 second is reth3.2 for ISP2 st0.1 is bound to reth3.1 for primary IPSEC tunnel st0.2 is bound to reth3.2 for secondary IPSEC after upgrading to Junos 10.2R2.11, the issue that I am seeing is that, when primary link on branch gets down, the st0.1 interface remains up on core SRX3600, that why the primary route (with lower preference), never flush and hence traffic does not take secondary VPN. Can any body help me ASAP for having this automatic failover? thanks in adv, regards Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-301-8247638 Skype: fahad-ibm http://pk.linkedin.com/in/muhammadfahadkhan _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
