Dears,
We are using SRX as LTE Security Gateway that will be used to terminate IPSEC tunnel of some thousands of eNodeB , we want the IPSEC GW to be always IKE responder so we can have the most useful logs availeble on our side , we tried to keep persistent tunnel on eNodeB side and on-demand tunnel on SRX side but we still have the below status , SRX is responder for some eNodeB and initiator for other :
# run show security ike security-associations detail | match "peer|Role"
IKE peer X.X.X.X, Index 75179403, Gateway Name: 1220
Role: Initiator, State: UP
IKE peer X.X.X.X, Index 75179404, Gateway Name: 1228
Role: Responder, State: UP
Any suggestion
Kayssar