Does anyone have any experience with IPSec and keepalived? I'm investigating it as a solution to an HA firewall pair for our office.
I'm not sure exactly how the tunnel will behave in a failure situation. I'm guessing that it has to be renegotiated upon a failure and any traffic on the tunnel would be dropped.
[link][4 comments]