Last Modified: Apr 10, 2019
Opened: Dec 06, 2014
Policy flow's nexthop is not always updated when route pool member status changes.
IPsec traffic continues to use the down pool member.
This issue shows when an IPsec flow is routed via a gateway pool. When a monitored gateway pool member is detected to be down, a different member is selected as the gateway. The policy flow's nexthop is not always updated to reflect the member switch.