Currently my company do have IPsec site-to-site route based VPN connections using OSPF routing protocol between our two data centers. The VPN seems working fine. But every one hour [3600seconds] there is renegotitation pf IPSEC phase I and II SA which thereby result in connection timeout till the renegotitation wind up. The thing is we do have mission critical applications which needs 100% up time. I have tried with the help of Juniper TAC engineers to set the SA renegotiation to happen once in 24 days but there is no change . Still there is renegotiation. Is there someone who can help on this matter. Comments are highly appreciated.
Dawit A.Kebede [CCIE-written, CCNP, CCNA, HCNE, MCSE, SCSA]
Dawit A. Kebede [CCIE-written, CCNP, CCNA, MCSE, SCSA, HCNE]
Senior Network Engineer