Create a Post
Showing results for 
Search instead for 
Did you mean: 

Route based vpn vs Domain based VPN

Hi Experts,


I wanted to know if are there any advantages of using route based VPN over domain based VPN or vice-versa 

Also,  we already have a domain-based VPN setup and we need to have route based VPN for a client and I have to gone through sk109340 and it seems it's possible. 

but according to sk31012 configuring route-based VPN we need to have an empty group (Simple Group)  created and assigned as the VPN Domain.

but we are already using domain-based VPN  and the object-group assigned to the VPN domain consists subnets that are part of the encryption domain. So how will both the VPN types work ?








0 Kudos
2 Replies

Domain-based VPN will be preferred over route-based VPNs, so make sure that the new route based clients' IP ranges do not exist inside of any encryption domain on the firewall 

0 Kudos

Below article explains it pretty good:

Generally, I would say that lately, most vendors are moving towards route-based VPN tunnels. I believe PAN firewalls dont even support domain based any longer.

0 Kudos