• February 23, 2019, 04:46:30 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: VPN failing in site-to-site case  (Read 2701 times)

0 Members and 1 Guest are viewing this topic.

Offline AN

  • Rookie
  • **
  • Posts: 24
VPN failing in site-to-site case
« on: October 12, 2011, 08:39:56 AM »
Dear Team,

I have configured site-to-site VPN between two SRX210 box. The central site is with static IP and the branch office is  dynamic behind a ADSL router.

At the end of the day, the branch office will power off all devices and leave. The next day when they switch it on, they will get a new static ip and the vpn tunnel will go down and i need to manually run the following commands

#Run clear security ike security-associations

#Run clear security ipsec security-associations

#Run clear security ipsec statistics

to make the tunnel up again.

Do a scripting will help whenever the SRX at branch reboots so that the tunnel will be up always.

Would you recommend any  other alternate suggestion ?

Thanks and regards,

Offline Flintstone

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 955
Re: VPN failing in site-to-site case
« Reply #1 on: October 12, 2011, 10:29:20 AM »
Hi AN,

We have something similar with site-to-site VPNs with Checkpoint firewalls.

The issues we found and resolved were to order static IP's with ADSL at the branch Office and configure the ADSL router to forward all traffic (to/from) the VPN firewall IP address on the branch office LAN.  This was the most reliable solution for us?

CheerZ and good luck