In my experience, I have used a looback interface address of the SRX as
the destination of the GRE tunnel on both sides then just send the /32
route of the loopback at the other end to the st0.0 address.
One important thing here. When you use loopback for IPSecs, GRE, iBGP or
any other sort
This works for a few hours approximately and then no traffic will pass.
As a quick test try to decrease the SA timelive (both phase 1 and 2) to
possible configurable minimum. If the freezing time changes (AFIAR it's
rekeyed each half-life period), you'll have a way to go further. Also check
if
Hey there.
Having a bunch of grief with site to site VPN on SRX220. This box connects
out on a GRE tunnel carrying voice traffic to one location along with a
couple of IPSec tunnels to other remote offices (2 at the moment).
Sometimes it works and sometimes it doesn't . I know that's a
@puck.nether.net
Subject: [j-nsp] SRX Site-to-Site Question
Hey there.
Having a bunch of grief with site to site VPN on SRX220. This box connects
out on a GRE tunnel carrying voice traffic to one location along with a
couple of IPSec tunnels to other remote offices (2 at the moment).
Sometimes
4 matches
Mail list logo