Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mudderkage
Participant

Forcing external 1430 appliance gateways to use internal IP/interface.

Hi all,

We have a lot of 1430 appliance gateways on remote sites, that are connected via S2S VPN to our central firewall.
They are running R77.20.87 build 990173120
They are managed by our central R81.10 manager.

I want connections from the 1430 appliances to our central log server to be encrypted in the VPN tunnels.
I also want connections from the 1430 appliances to our central DNS/NTP/AD resources to be encrypted in the VPN tunnels.

In sk119415 I see that "fw ctl set int fw_enc_conns_use_internal 1" on the 1430 appliances will fix exactly that.
My problem is that I can't control which IP/interface is used.
Our network topology has one IP/interface on the 1430 appliances that are the same on all the remote locations.
The 1430 appliances chooses exactly that IP/interface.  🤕

How can I make the 1430 appliances choose another IP/interface ???

Best regards 
  Jan 

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

The only idea I have is to test whether with the use of Aliases you can influence this at all.

CCSM R77/R80/ELITE
0 Kudos
PhoneBoy
Admin
Admin

What interface is it, the LAN one?
I suspect what you're asking for is an RFE.

0 Kudos
Mudderkage
Participant

All our SMB boxes sends traffic from source LAN6 
RFE...   well, I never considered that, but it would be wonderful


CP1430> show interfaces
name: LAN6
ipv4-address: 172.16.240.1
status: 1/full

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Asked TAC already ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events