Chassis Cluster HA control link encryption

We support Chassis Cluster HA control link encryption. The Chassis Cluster HA control link encryption protects traffic between the HA nodes using the trusted IPSec protocols. With Chassis Cluster HA link encryption tunnel, any security sensitive parameters or critical security parameters exchanged over the control link between the two chassis in chassis cluster mode are protected using IPSec. Using IPSec for internal communication between nodes, information such as, configuration information and IKE HA messages that passes through the chassis cluster link from the primary node to the secondary node is protected from active and passive eavesdropping.

To activate Chassis Cluster HA control link encryption, use the below commands: 

•  set groups node0 security ipsec vpn ha-link-encryption 
•  set groups node1 security ipsec vpn ha-link-encryption