[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 902
  • Last Modified:

Configuring interface tracking on Juniper SSG550M


I have a juniper active/standby cluster. I have 2 Internet links and want to use one as primary and the second as a backup. When the primary fails I want traffic to route down the backup link and when the primary comes backup, I want the firewall to failback to the primary link.

I have tried interface tracking but the route stays put and traffic doesn't go out the backup link. Is there anything I can do with regards to the vrouters? My Internet links terminate on 2 separate devices
1 Solution
Please have a look at the link below:

Please check if the configuration is correct and update.

Thank you.
If I understood correct, you do not want a device failover, but a interface failover. That requires that either the interface goes done physically (which will not be the case, I assume), or a monitoring of the remote gateway availability. I have to admint that I have not seen any option in ScreenOS to do the latter yet. If you can get RIP/OSPF updates from your ISP, that would work - the interface with a lower metric/cost will win over the other one, as long as it is available.

I assume you know about the consequences of interface failover - change of public IP aso., and the implications of that.


Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now