Hello to the community!
I know that the best design for a GETVPN architecture is with at least two KS, but due to a specific problem here at work, I will set up an infrastructure with only 1 KS.
The question is, when KS is unavailable, and GMs are unable to re-key, GMs just stop encrypting traffic, that is, the network continues to function without encryption capabilities; or the GMs stop sending all the traffic and this way the whole network goes down?
Thank you in advance
Paulo Machado