[j-nsp] SRX Active/Passive cluster with redundant route based IPSec - connectivity to AWS VPC
Andy Litzinger
andy.litzinger.lists at gmail.com
Mon May 5 18:23:13 EDT 2014
Hi All,
Two related questions. I have a pair of SRX 3400s in an Active/Passive
cluster. They rely on an external gateway for internet access (i.e. my
ISPs don't terminate on the SRXs). I am setting up redundant tunnels to an
AWS VPC. Amazon has an example for J-Series (
http://docs.aws.amazon.com/AmazonVPC/latest/NetworkAdminGuide/Juniper.html),
but I don't think it's for a cluster set-up.
Here are my questions:
1 - If I want to set up a redundant secure tunnel interface (e.g. st0),
should i bind it to an reth interface?
2 - Has anyone connected an Active/Passive SRX cluster to an AWS VPC? Any
tips or tricks you care to share?
regards,
-andy
More information about the juniper-nsp
mailing list