[j-nsp] vpn monitor vs dead peer detection

OBrien, Will ObrienH at missouri.edu
Thu Aug 30 10:42:11 EDT 2012

We've had issues with vpn monitor tearing down tunnels too often with 10. code on SRXs. I'm currently trying out dead peer detection at the ike level.
I haven't found a good document that describes what dead peer detection does - I know it send R-U-THERE etc, but I don't know what it does when that fails.

Anyone have thoughts on this? I'm leaning toward 11. code for vpn sites at this point, but wanted to get the lists view.


More information about the juniper-nsp mailing list