2 IPSecs (site-to-site, with 3rd party devices) on the same destination
lee_sarawut Newbie ✭
I'd like to know the solution when requiring two IPSec VPNs (site-to-site) on the same subnet at remote branch. I'm trying on the existing FW, it didn't allow to establish 2 tunnels on the same destination. Would be appreciate if you've any idea/suggestion.
Category: Mid Range Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Do not create two tunnels, have all subnets going through the same IKE tunnel. You'll have one IKE tunnel with two IPSec SAs.
The reason I want 2 tunnels is I need a redundant link(with separate provider in the same FW appliance, at HQ). Then please give me a bit how to enable 1 tunnel that can support 2 IPSec SAs.
Use routed mode. One tunnel per pair of WAN links.
Or fill in both public IPs on a "normal" site-site tunnel.