Alternative solution. Keep doing route based tunnels, but use traffic
selectors. I use it to have the remote end doing policy based ipsec (old
cisco cpe as an example) while keeping the SRX as a route (st interface)
based ipsec implementation.
https://www.juniper.net/documentation/en_US/junos/topi
Wondering how to get ping to work directly from SRX across ipsec policy
tunnels.
Have no issues dong it with route based tunnels, simply using lo0 with
tunneled subnet address and default-address-selection option, but can't
make it work with policy tunnels.
Long term goal is to get vpn-monitor op
2 matches
Mail list logo