Be sure the path through your network supports sending icmp unreachables
from each node so that the source can fragment if need be. Additionally
firewalls should not be configured to block icmp unreachables, as this
breaks PMTUD. If customer firewalls block icmp unreachable type four
messages,
Hi all,
Question regarding JunOS (SRX) route based VPN with Cisco remote end.
In such a route-based configuration, how are the SA's generated with the
Cisco? On the Cisco side you match an ACL as interesting traffic and
the SA's are created based on that. On JunOS route-based vpn, is it the
2 matches
Mail list logo
