[j-nsp] Loopback VPN termination High End SRX
Morgan McLean
wrx230 at gmail.com
Wed Jan 22 17:08:52 EST 2014
Hi all,
Quick question regarding terminating IKE on a lo0 interface on a 3600
cluster.
http://www.juniper.net/techpubs/en_US/junos12.1x44/topics/concept/security-loopback-interface-ha-for-vpn.html
According to this, it mentions putting lo0 into an RG thats not 0, which is
the one tied to RE and master node etc. Does anybody do this? Do you just
assign lo0 to redundancy group say 2, and then it just works? Anything else
we need to do? The VPN packets could come in over node 0 or node 1...so I'm
not sure exactly how this helps.
--
Thanks,
Morgan
More information about the juniper-nsp
mailing list