Which two technologies should you use to fail over from a primary to a secondary tunnel in less than 60 seconds?

You are deploying a branch site which connects to two hub locations over an IPsec VPN. The
branch SRX Series device should send all traffic to the first hub unless it is unreachable and
should then direct traffic to the second hub. You must use static routes to send traffic towards the
hub site.
Which two technologies should you use to fail over from a primary to a secondary tunnel in less
than 60 seconds? (Choose two.)

You are deploying a branch site which connects to two hub locations over an IPsec VPN. The
branch SRX Series device should send all traffic to the first hub unless it is unreachable and
should then direct traffic to the second hub. You must use static routes to send traffic towards the
hub site.
Which two technologies should you use to fail over from a primary to a secondary tunnel in less
than 60 seconds? (Choose two.)

A.
dead peer detection

B.
VPN monitoring

C.
floating static routes

D.
IP monitoring

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

rpgghost

rpgghost

http://kb.juniper.net/InfoCenter/index?page=content&id=KB25052

[SRX] Example – IP Monitoring with route fail-over configuration and behavior

http://kb.juniper.net/InfoCenter/index?page=content&id=KB20839

Track-IP or IP Monitoring with route failover

http://networkwiki.blogspot.hk/2013/02/juniper-srx-vpn-monitor-and-route.html

There are multiple options that we can utilize to provide route failover in this type of scenario. Some of these options include:
Bi-directional Forwarding Detection
Real-time Network Performance with IP Monitoring
VPN Monitoring
I went with VPN Monitoring due to the fact that we are using VPNs. If this scenario didn’t include VPNs, then I would’ve went with BFD or RPM and IP Monitoring.

Reply