[j-nsp] Two IPSec questions...
Alex
alex.arseniev at gmail.com
Sun Aug 16 07:06:48 EDT 2009
You could use event-script which checks IPSec tunnel status every X mins and
if tunnel is down, write a custom syslog message/send a trap.
Rgds
Alex
----- Original Message -----
From: "Derick Winkworth" <dwinkworth at att.net>
To: <juniper at groupstudy.com>; <juniper-nsp at puck.nether.net>
Sent: Saturday, August 15, 2009 2:21 PM
Subject: [j-nsp] Two IPSec questions...
> Using next-hop style service-sets.
>
> 1) Is there any kind of observable event/log entry that occurs when a
> plain IPSec tunnel goes down (remote endpoint has static IP)?
>
> When a tunnel goes down at one site, we would like to redirect
> traffic to another site that also has a tunnel to the same remote
> network... RRI doesn't work for remote static IPs. Also you can not
> have more than one ISAKMP access profile applied to a single public IP.
> I cant seem to get the router to generate any kind of event when DPD
> detects loss of peer.
>
> 2) Dynamic routing over IPSec using BGP... solutions (preferably
> without GRE)?
>
>
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list