[j-nsp] Two IPSec questions...

Derick Winkworth dwinkworth at att.net
Sat Aug 15 09:21:25 EDT 2009


Using next-hop style service-sets.

1) Is there any kind of observable event/log entry that occurs when a
plain IPSec tunnel  goes down (remote endpoint has static IP)? 

    When a tunnel goes down at one site, we would like to redirect
traffic to another site that also has a tunnel to the same remote
network...  RRI doesn't work for remote static IPs.  Also you can not
have more than one ISAKMP access profile applied to a single public IP. 
I cant seem to get the router to generate any kind of event when DPD
detects loss of peer. 

2) Dynamic routing over IPSec using BGP...   solutions (preferably
without GRE)?  







More information about the juniper-nsp mailing list