User manual
Local network: 192.168.11.1/255.255.255.255
Remote network: 192.168.12.1/255.255.255.255
Phase 2 key lifetime (sec): 7200
Branch Office SG configuration:
Tunnel name: PrimaryLinkTest
Enable this tunnel: Unchecked
Local Interface: Default gateway interface
Keying: Aggressive mode (IKE)
Local optional endpoint ID: primarytest@branch
The remote party's IP address: 209.0.0.1
Local network: 192.168.12.1/255.255.255.255
Remote network: 192.168.11.1/255.255.255.255
Manually edit the ifmond.conf on both the Branch Office SG to configure for IPSec
failover and fall forward.
##-- Custom entries MUST be added below this point
connection primarylinktest
parent conn-eth1
start IPSec auto --add PrimaryLinkTest
start IPSec auto --up PrimaryLinkTest
stop IPSec whack --delete --name PrimaryLinkTest
maximum_retries 2147483647
retry_delay 5
test_delay 5
test ifretry 2 5 ping -I 192.168.12.1 192.168.11.1 -c 3
connection primarylink
parent primarylinktest
start IPSec auto --add PrimaryLink
start IPSec auto --up PrimaryLink
stop IPSec whack --delete --name PrimaryLink
maximum_retries 2147483647
241
Virtual Private Networking