Description | This article describes how to add a new subnet to an existing site-to-site tunnel created by the wizard without converting it to a custom tunnel. |
Scope | 6.0, 6.2, 6.4, 7.0, 7.2 v. |
Solution |
Users run into an issue when trying to add a new subnet to the existing address group created by the wizard. Only addresses created by the wizard are visible and can be added as members; addresses created outside the wizard are not available in the options for adding to the site-to-site tunnel address group.
From GUI:
From CLI:
Solution:
Go to Policy & Objects -> Addresses, right-click one of the addresses created by the wizard, and select 'Clone'. Give the clone a name, then edit the newly cloned address, change the IP/netmask to the new subnet that needs to be added to the site-to-site tunnel, and select 'OK'.
Then go to the address group where the address needs to be added; the cloned address is now available to add to the list of members.
From GUI:
From CLI:
Now add this address as a member and select 'OK' to save the setting. The new subnet is now added to the site-to-site VPN tunnel. |
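The same steps from the CLI, as an added example that is not part of the original article: the tunnel name `HQ-Branch`, the object names derived from it, and the subnet 10.10.20.0/24 are placeholders to replace with the names and values on the device. Lines beginning with `#` are annotations.

```fortios
# Step 1: clone a wizard-created address so the copy keeps the same
# settings as the original, then point it at the new subnet.
# "HQ-Branch_local_subnet_1" is a placeholder for the existing address.
config firewall address
    clone "HQ-Branch_local_subnet_1" to "HQ-Branch_local_subnet_2"
    edit "HQ-Branch_local_subnet_2"
        set subnet 10.10.20.0 255.255.255.0
    next
end

# Step 2: add the cloned address to the wizard-created address group.
# "append" keeps the existing members; "set member" would replace them.
config firewall addrgrp
    edit "HQ-Branch_local"
        append member "HQ-Branch_local_subnet_2"
    next
end

# Step 3: confirm the group now lists both subnets.
show firewall addrgrp "HQ-Branch_local"
```

Review the change before saving it: every object that references the group picks up the new subnet, so check that only the intended range was added.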
Copyright 2023 Fortinet, Inc. All Rights Reserved.