[j-nsp] IPSec Interoperability with Cisco Router
Harshit Kumar
harshit at juniper.net
Sat Jan 1 15:13:49 EST 2005
Hi Eric,
You can try setting this knob in the config on the J20.
This should establish
the tunnel even if there is no traffic.
set services ipsec-vpn establish-tunnels immediately
BR
Harshit
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Eric Shih
(TP/ERT)
Sent: Saturday, January 01, 2005 7:16 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] IPSec Interoperability with Cisco Router
Hello
I have a question about M20's IPSec behavior toward Cisco Router or
Pix firewall. Becasue when IPSec tunnel
(dynamic tunnel SA) is established , if you manfully clear ipsec tunnel
( clear ipsec security association) or lifetime of
IPSec SA expire, the IPSec tunnel will not negotiate with each other if
there is no traffic going on. The only
way to bring tunnel up is from Cisco side by using ping to trigger. It
seems that we can not bring it up from
J20's side. Do you have any idea of it ?
BR // Eric Shih
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list