Last Modified: Oct 17, 2023
Opened: Dec 06, 2014 Severity: 3-Major
Policy flow's nexthop is not always updated when route pool member status changes.
IPsec traffic continues to use the down pool member.
This issue shows when an IPsec flow is routed via a gateway pool. When a monitored gateway pool member is detected to be down, a different member is selected as the gateway. The policy flow's nexthop is not always updated to reflect the member switch.