[j-nsp] Fwd: SRX IPSEC Full Mesh
Mohammad Khalil
eng.mssk at gmail.com
Wed Oct 30 03:29:42 EDT 2013
Hi all
I have resolved the issue by configuring the second IP address of the
tunnel to a different unit
BR,
Mohammad
---------- Forwarded message ----------
From: Mohammad Khalil <eng.mssk at gmail.com>
Date: Tue, Oct 29, 2013 at 5:28 PM
Subject: SRX IPSEC Full Mesh
To: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
Hi all
I have three SRX firewall , one of them is acting as a hub and the other
two are spokes
I have established two IPSEC VPNs between each spoke and the hub and all is
functioning well
Now , I had a requirement to establish a direct IPSEC VPN between the
spokes , when I do so , I lose all VPN connections on one of the spokes and
the tunnel never comes up ?
I suspected that there is something wrong in the traffic pattern due to
learn the prefix from two places or something , what should be done to
avoid this and bring the two tunnels toward the hub and the spoke up and
functioning ?
BR,
Mohammad
More information about the juniper-nsp
mailing list