There are two methods possible ways of doing this (to me).
1) Stand up two VPN tunnels and just have one down at all times. You would
use your existing configuration (assuming it's main mode) and just change
the source IP where you expect the VPN initiator to come from.
2) Change your existing
I have a srx240. I have someone who has a vpn with us who wants to
change from a static IP address on an ipsec tunnel to a FQDN. Is there
any documentation on how to do this or if it is possible? He is able to
provide the two ip's to me that it will be coming from. This is for a
failover from
I use this for backup connectivity on dynamic endpoints and they are quite
happy. One end must be fixed (which I assume is yours).
Their configuration:
set security ike gateway gateway-name local-identity inet their-vpn-ip-address
set security ike gateway gateway-name remote-identity inet
3 matches
Mail list logo