Hi Morgan, I presume that with regards to the loopback you are referring to the external interface I use as my IPSec peer toward Amazon?
what about the internal logical st interface that I need to create in order to route my internal traffic into the tunnel? How do I make that redundant? thanks! -andy On Mon, May 5, 2014 at 3:30 PM, Morgan McLean <[email protected]> wrote: > Use your loopback and put that in a reth. > > Thanks, > Morgan > > > On Mon, May 5, 2014 at 3:23 PM, Andy Litzinger < > [email protected]> wrote: > >> Hi All, >> Two related questions. I have a pair of SRX 3400s in an Active/Passive >> cluster. They rely on an external gateway for internet access (i.e. my >> ISPs don't terminate on the SRXs). I am setting up redundant tunnels to >> an >> AWS VPC. Amazon has an example for J-Series ( >> http://docs.aws.amazon.com/AmazonVPC/latest/NetworkAdminGuide/Juniper.html >> ), >> but I don't think it's for a cluster set-up. >> >> Here are my questions: >> >> 1 - If I want to set up a redundant secure tunnel interface (e.g. st0), >> should i bind it to an reth interface? >> >> 2 - Has anyone connected an Active/Passive SRX cluster to an AWS VPC? Any >> tips or tricks you care to share? >> >> regards, >> -andy >> _______________________________________________ >> juniper-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
