Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

High Availability

  • Dynamic routing protocol support for IPsec VPN in Multinode High Availability (SRX1500, SRX4100, SRX4200, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX3.0)—Starting in Junos OS Release 23.2R1, you can enable dynamic routing protocols for IPsec VPN in a Multinode High Availability setup by configuring node-local tunnels.

    To configure node-local tunnels, you must specify the set security ike gateway <name> node-local statement in the IKE gateway configuration on both the SRX Series Firewalls in a Multinode High Availability setup.

    With dynamic routing protocols, you can add and remove IP prefixes in the network and automatically redistribute the prefixes to the network peers without changing the traffic selector configuration.

    See [IPsec VPN Support in Multinode High Availability].