Junos OS

Expand all | Collapse all

Disable Interface?

Jump to Best Answer
  • 1.  Disable Interface?

    Posted 08-11-2016 07:24

    I have a bit of an odd issue.

     

    I have a firewall with two VPN tunnels up to two different VPN hubs.

     

    I need the VPN to Hub2 disabled/off if the VPN to Hub1 is up.

     

    Is this possible, and if so how?

     

    Note: the 'spoke' firewall does not have an 0.0.0.0/0 route. I went as far as making a non permenant roue for the public IP of hub2 via tunnel1 (to hub1) with a lesser priority route via the spokes wan gateway. this didn't solve the issue.

     

    Thanks,

    Z


    #interface
    #monitor
    #track-ip
    #vpn


  • 2.  RE: Disable Interface?
    Best Answer

    Posted 08-11-2016 08:22

    you need to write event script which will check when vpn state changed and activate another vpn



  • 3.  RE: Disable Interface?

    Posted 08-11-2016 09:04

    Thank you for the info!

     

    Youre comment about the event script though, has made me realize that I posted this under the wrong topic.

     

    The firewall in reference is a ScreenOS device.

     

    I reposted under the right topic here... http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/Disable-Interface-Reposted-in-right-topic/td-p/295707

     

    Thanks again,

    Z



  • 4.  RE: Disable Interface?

    Posted 09-07-2016 08:22

    I'm going to give this a shot on a JunOS box - do you have any pointers or suggestions for good reading on how to do it?