Hi all
Somewhat new to SRX and clustering in general
Say we install an SRX1600 cluster, in two geographically separated DCs (linked via dedicated fibre link to a downstream core switch - we would run the HA link via this switch)
In our primary DC we would have 2 WAN circuits and in our backup DC we would have a single WAN circuit.
We would have a single IPsec tunnel going out via WAN1 of the primary DC, we are not bothered about this failing over
All 3 WANs are IPed differently
The desired behaviour would be
Single WAN failure at primary DC: SRX remains active and fails over to working WAN
Both WANs fail at primary DC, LAN failure or SRX hardware failure: Failover to SRX at backup DC
Is this possible? We use Meraki MX at our branch sites and I know such a config is possible with those but despite extensive research cannot find anyone using an SRX in this configuration.
My understanding is as the WANs are IPed differently I can’t use reths as the IP is at reth level (although I can indeed use a reth for my trust interface)
Any guidance is appreciated, cheers