I have a bit of an odd issue.
I have a firewall with two VPN tunnels up to two different VPN hubs.
I need the VPN to Hub2 disabled/off if the VPN to Hub1 is up.
Is this possible, and if so how?
Note: the 'spoke' firewall does not have an 0.0.0.0/0 route. I went as far as making a non permenant roue for the public IP of hub2 via tunnel1 (to hub1) with a lesser priority route via the spokes wan gateway. this didn't solve the issue.
you need to write event script which will check when vpn state changed and activate another vpn
Thank you for the info!
Youre comment about the event script though, has made me realize that I posted this under the wrong topic.
The firewall in reference is a ScreenOS device.
I reposted under the right topic here... http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/Disable-Interface-Reposted-in-right-topic/td-p/295707
I'm going to give this a shot on a JunOS box - do you have any pointers or suggestions for good reading on how to do it?