Routed IPSEC and HA



  • Going to be setting up routed IPSec at a new site, so I can take advantage of the better routing feature. Watched the hangout, I am familiar with how this work, it's "the Juniper way". The one thing I could not find is how this behaves when you have an HA pair running. So does it just automagically figure it out with the /30? Do you have to do some additional steps and give it a CARP? That subject seems to be missing from the documentation.



  • Yes, HA will figure out how to route, all you need is to use VIP as interface instead or WAN.


Log in to reply