Hi,
I'm trying to setup a S2S IPSec VPN between two hosts with dynamic IP addresses based on FQDN.
One node (HUB) is an SRX220 with 12.1X46-D60, second node (SPOKE) is a Cisco router with 12.4T IOS.
Both nodes have a Public Internet IP address got from DHCP on following interfaces:
ge-0/0/0 on SRX (added to the Internet zone)
Fa4 on Cisco IOS Router
I have attached the relevant configuration.
The problem is, that it looks like noone is initiating phase 1. KMD logs shows nothing on the SRX, debug crypto isakmp & ipsec shows nothing on Cisco.
This is why I'm assuming, that noone is starting phase 1.
And of course there are no ike SAs.
Any ideas on that setup?