Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Christoph
Contributor

R80.40 Custom VPN Domain not working as expected

Hi,

running R80.40 latest T78 and yesterday had an issue with a new VPN site.

I'm using the newly introduced custom VPN Domains, which allows for only specific encryption domain advertisements to the partner site, so I thought.

Setup:

Network: 172.16.0.0/16

Default VPN Domain: Multitude of networks, including 172.16.0.0/17 not including 172.16.100.0/24

Custom VPN Domain configured: 172.16.100.0/24 as a network object. This object is standalone and not used anywhere else.

The default VPN Domain does not include the network 172.16.100.0/24 object.

VPN tunnel sharing is set to: by subnet

Q2 proposal fails: We are offering 172.16.0.0/17, if a hosts from our side initiates the tunnel. Expected behavior, imho would be to have 172.16.100.0/24 proposed as our encryption domain.

Adding 172.16.100.0/24 to the default VPN domain fixes this issue.

So just to be clear, this custom VPN domain is only a "filter" and not an explicit "setting", or am I missing something?

Cheers

Christoph

Edit: Formating

0 Kudos
5 Replies
This widget could not be displayed.