asher
Contributor

Checkpoint unnumbered VTI tunnel

Hello

We have clusterX with 2 ISP peers with BGP

network between cluster and ISP1 : 31.154.10.0/29

network between cluster and ISP2 : 31.154.11.0/29

We have 2 BGP peers to each ISP and we redistribute the following network 31.154.12.0/27 (no physical NIC related to that network, only NAT to DMZ devices) from both.

We have IPsec to a customer from ISP1 with its physical address, and now we want to enable the option to create the peer also from the ISP2 NIC.

Can we use an unnumbered VTI tunnel with a loopback address from 31.154.12.0/27 and create the peer with the customer with that IP address?

Then it will be managed from BGP and the peer will be able to establish from both NICs with 1 IP.

I didn't find documents that explain this.

3 Replies
PhoneBoy
Admin

Not clear what the requirement is here.
Do you want to initiate the VPN from either IP or a specific IP?
In any case, it's the Link Selection setting in the gateway object that will control what the VPN is initiated with.

asher
Contributor

Hi

I want to initiate the tunnel from a loopback address that will be available from BGP from 2 ISP peers.

The tunnel is with a 3rd party device.

PhoneBoy
Admin

As I said, this is controlled by the VPN Link Selection setting in the gateway/cluster object.
You specify the relevant IP there.
