To establish a site-to-site VPN connection, the remote site has to initiate a connection to the main subnet. Normally this is a good way to bring up the connection, but sometimes there is no connection starting from the remote site. For example, if the remote site has a surveillance camera system which has to connect to the main site, it is not possible to initiate a VPN connection from the main site.
If you are facing the same problem I did today, here is the solution/workaround:
1. Set up a site-to-site connection
2. SSH into the remote EdgeRouter
3. Create a script with the following content
    vi /config/scripts/cron-init-vpn.sh

    #!/bin/bash
    /bin/ping -c 2 192.168.0.1
4. Close vi with ":x"
5. Set the executable bit for that script
    chmod u+x /config/scripts/cron-init-vpn.sh
6. Configure cron to use the script
    configure
    set system task-scheduler task init-vpn executable path /config/scripts/cron-init-vpn.sh
    set system task-scheduler task init-vpn interval 5m
    commit
    save
7. Verify your task
    show system task-scheduler task

    task init-vpn {
        executable {
            path /config/scripts/cron-init-vpn.sh
        }
        interval 5m
    }
8. Connect to the main VPN and restart the remote site. After some minutes it is possible to connect to the remote site.
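
A more defensive version of the script from step 3, as an added example that is not part of the original post: it pings each address given as an argument, retries for a few rounds because replies can be missing while the tunnel is still negotiating, and logs to syslog whether anything answered. The `wake_tunnel` function, the `PING`, `ROUNDS` and `PAUSE` variables and the `init-vpn` syslog tag are assumptions made for this example.

```shell
#!/bin/bash
# Added example: keepalive that reports whether the main site answered.
# All names below are assumptions; target addresses are passed as arguments.
PING="${PING:-/bin/ping}"   # overridable so the logic can be exercised offline
ROUNDS="${ROUNDS:-3}"       # how many times to go through the target list
PAUSE="${PAUSE:-5}"         # seconds to wait between rounds

log() {
    # Write to syslog; never let a logging failure break the scheduled task.
    logger -t init-vpn "$1" 2>/dev/null || true
}

# wake_tunnel TARGET...
# Returns 0 as soon as one target replies (its address is left in UP_TARGET),
# returns 1 if no target replied in any round.
wake_tunnel() {
    UP_TARGET=""
    round=1
    while [ "$round" -le "$ROUNDS" ]; do
        for target in "$@"; do
            # -c 2 as in the post; -W 2 caps the wait for each reply
            if "$PING" -c 2 -W 2 "$target" >/dev/null 2>&1; then
                UP_TARGET="$target"
                log "tunnel up: $target replied (round $round)"
                return 0
            fi
        done
        round=$((round + 1))
        if [ "$round" -le "$ROUNDS" ]; then
            sleep "$PAUSE"
        fi
    done
    log "tunnel down: no reply from $* after $ROUNDS rounds"
    return 1
}

# Run only when targets are given, for example:
#   /config/scripts/cron-init-vpn.sh 192.168.0.1 192.168.0.0
if [ "$#" -gt 0 ]; then
    wake_tunnel "$@"
fi
```

The exit status is non-zero when nothing replied, and the `init-vpn` entries in syslog show when the tunnel failed to come up.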
To initiate VPN, ping 192.168.x.0 from the remote site, 0.1 doesn't work.
Sorry I don't understand your comment. Is this a question or a comment? If you try to ping an IP 192.168.1.0 it will not work because 192.168.1.0 is not a valid IP.
Sorry, it's a comment :). Pinging 192.168.0.1 (main site) doesn't initiate the VPN but 192.168.0.0 does... it's weird but it works. :)
If I reset VPN on the remote site it drops the connection, and I get no response pinging our main site. Pinging 192.168.0.0 wakes the VPN.
Thank you for the feedback. Yes, ping to 192.168.0.0 seems strange 😀