[j-nsp] SRX Active/Passive cluster with redundant route based IPSec - connectivity to AWS VPC

Morgan McLean wrx230 at gmail.com
Mon May 5 18:30:42 EDT 2014


Use your loopback and put that in a reth.

Thanks,
Morgan


On Mon, May 5, 2014 at 3:23 PM, Andy Litzinger <
andy.litzinger.lists at gmail.com> wrote:

> Hi All,
>   Two related questions.  I have a pair of SRX 3400s in an Active/Passive
> cluster.  They rely on an external gateway for internet access (i.e. my
> ISPs don't terminate on the SRXs).  I am setting up redundant tunnels to an
> AWS VPC.  Amazon has an example for J-Series (
> http://docs.aws.amazon.com/AmazonVPC/latest/NetworkAdminGuide/Juniper.html
> ),
> but I don't think it's for a cluster set-up.
>
> Here are my questions:
>
> 1 - If I want to set up a redundant secure tunnel interface (e.g. st0),
> should i bind it to an reth interface?
>
> 2 - Has anyone connected an Active/Passive SRX cluster to an AWS VPC?  Any
> tips or tricks you care to share?
>
> regards,
>  -andy
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list