Hi misc, I got a 4.5 box which act as a perimeter ipsec routing gateway, it has 682 flow (by ipsecctl -sf | wc -l).
Some of this flow are up with a static route to the other point of the ipsec tunnel and some of these routes are changing dynamically (netstat shows UGHMS flags). When these routes changes dynamically my tunnel fall cause i cannot reach my tunnel endpoint anymore. Probably these redirect are coming from some ciscozze with HSRP or something and I've already asked the ciscozze admin to look without any luck so I guess I've to do something on my side and I'm here to ask for hints. Should I have to elevate the priority of the static route ? Should I "block" redirects from the ciscozze gateway? BTW the issues is popped up when we deployed 4.5, with 4.3 we didn't notice it but I cannot guarantee something has changed on the other side. Any hints is really appreciated. Cheers -- Massimo
