SRX 240 IKE/IPSEC SA ISSUE
sysgo last edited by
Hi, I’m hoping someone has run across this problem. On my SRX 240 I have a vpn tunnel. When the IKE SA expires I can’t FTP out until the IPSec SA expires. A workaround the IKE SA Lifetime at 28800 seconds and the IPSec SA Lifetime at 600 seconds works for now.
Does anyone know why the IPSec SA isn’t re-keyed when the IKE SA expires?