You don't need to do anything special to make the st0 interface
redundant, it will always run on the active node.
On 06.05.2014 08:38, Andy Litzinger wrote:
Hi Morgan,
I presume that with regards to the loopback you are referring to the
external interface I use as my IPSec peer toward Amazon?
what about the internal logical st interface that I need to create in
order
to route my internal traffic into the tunnel? How do I make that
redundant?
thanks!
-andy
On Mon, May 5, 2014 at 3:30 PM, Morgan McLean <[email protected]>
wrote:
Use your loopback and put that in a reth.
Thanks,
Morgan
On Mon, May 5, 2014 at 3:23 PM, Andy Litzinger <
[email protected]> wrote:
Hi All,
Two related questions. I have a pair of SRX 3400s in an
Active/Passive
cluster. They rely on an external gateway for internet access
(i.e. my
ISPs don't terminate on the SRXs). I am setting up redundant
tunnels to
an
AWS VPC. Amazon has an example for J-Series (
http://docs.aws.amazon.com/AmazonVPC/latest/NetworkAdminGuide/Juniper.html
),
but I don't think it's for a cluster set-up.
Here are my questions:
1 - If I want to set up a redundant secure tunnel interface (e.g.
st0),
should i bind it to an reth interface?
2 - Has anyone connected an Active/Passive SRX cluster to an AWS
VPC? Any
tips or tricks you care to share?
regards,
-andy
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
