Multiple ip address in vpn

Report Inappropriate Content · ‎06-21-2011

Hi , In fortigate 3000 Is their an option in vpn site to site at phase 1 to enter more than one ip range as the remote gateway ? thanks

Matthijs · ‎06-21-2011

Why do you need this? You cannot add it over there, but vpn is site-to-site so from 1 site to another. If you have 2 lines between the sites you should create 2 vpn' s and user 2 static routes with equal distance to load balance...

Report Inappropriate Content · ‎06-21-2011

the remote gateway has two external interfaces (for load balance) with two different ip address. some times the traffic comes from one ip and some times from the other and i need the same vpn tunnel for these address.

ede_pfau · ‎06-21-2011

Hi, no you can' t do that. Create 2 VPN tunnels and load balance them on your side. The gateway IP address is part of the tunnel negotiations/SPI and cannot be IP1 now and IP2 later. If the remote side uses 2 gateways there is still no need to tackle this. Assuming the remote side opens the tunnel, to your ONE gateway address. All is fine as the remote side will not use it' s other interface in between to send data over the tunnel. If your side opens the tunnel you just decide to use one of the remote gateway' s IP addresses. Only if you want to have load balanced VPN tunnels you will have to follow the advice from the previous post. It involves some work and knowledge in setting up and trouble shooting so I would consider the pros and cons.

Ede Kernel panic: Aiee, killing interrupt handler!

Report Inappropriate Content · ‎06-21-2011

thanks .

Multiple ip address in vpn

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website