SRX Services Gateway
SRX Services Gateway

vpn redundancy between 2 dc in L3

02.11.12   |  
‎02-11-2012 09:53 AM



I have 2 SRXs 240H on each side and i'd like make redundancy in L3. I have some concept but i'm not sure it's correct.

I'd like make  ipsec link from each SRX   to each remote SRX.  On internal interfaces i would like use vrrp or ospf. There are some problems or limits ? for example what about  asymetric path ? It's  possible traffic go via srx1 but come back from srx2 ? What is better on internal interfaces vrrp or ospf ?  In attachment my proposal scenario. Thanks for any advice