[j-nsp] 答复: Site to Site VPN issues with Cluster

[Jack Xu]

I'm think it should work fine, and i suggest you check your st0.X's MTU.

Best Regards,


Jack Xu
Senior Engineer
Tel:(86)-13524613903
QQ:838178533



-----邮件原件-----
发件人: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] 代表 Levi
Pederson
发送时间: 2014年5月9日 4:05
收件人: juniper-nsp at puck.nether.net
主题: [j-nsp] Site to Site VPN issues with Cluster

Greetings,

I've created several VPNs with little or no trouble in the past.  Between
both Cisco and Juniper devices.  But I am a little stumped by I cannot
connect a simple (Static IP) IPSec Tunnel between an SRX240 Cluster and a
single srx210.  I've checked the policies and the proposals and they are
spot on identical.  I've put the external interface on the cluster (lo0.0)
on the right external zone.  I'm also running OS 12.1.X44.D30 which
supports.  I've been reading several diatribes on how to place the loopback
into the redundancy and I have done that as well.  I'm still gathering the
configurations for perusal as they need to be secured.  First question would
be, does anything instantly pop out to anyone?  I'll have the configs loaded
as soon as I can.

Thank you,
*Levi Pederson*
Mankato Networks LLC
cell | 612.481.0769
work | 612.787.7392
levipederson at mankatonetworks.net
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp