Comments
-
I had a few moments to try out in lab. IKEv1 or IKEv2 makes no difference. The gatewaylist is so sticky. It wants that first one in the list no matter what traffic based or Dead Peer Detection. **Feature request to give an option to hang out on gateway #2 for a period of time before failback would sure be nice. :smiley: **
-
I could, but I prefer the quickness and added security that IKEV2 provides. I have a couple of old expired WG M200s routers here im going to trial this in a lab enviroment when I get a chance here.
-
Hey @Bruce_Briggs good thought.... But Im using IKEv2 DPD is greyed out, i cant unselect it. So it must be baked into the IKEv2 Protocol. But in refernce to your link above: yes correct the BOVPN Failover works as described. As soon the interface comes back up it wants go go back to that 1st gateway in the list. It sure…
-
Thanks for the response @"james.carson" I have watched the logs and what i See is that the Link Monitor has taken down the interface due to a failed ping. I use google 8.8.8.8. Therefore if interface is down (Due to poor internet service providers link) then the tunnels SA on that interface will also expire due to Dead…
-
@Bruce_Briggs not really, other than a bunch of errors and complaints that it cant call home and activate a license. All the apps / features are complaining there isn't a licesne. I turned on logging on the ping policy. I tried pinging from the diagnostic tasks in WSM. And it wont ping from the device itself either. I know…