asher
Contributor

Check Point unnumbered VTI tunnel

Hello,

We have clusterX with 2 ISP peers with BGP.

Network between cluster and ISP1: 31.154.10.0/29

Network between cluster and ISP2: 31.154.11.0/29

We have 2 BGP peers to each ISP and we redistribute the following network 31.154.12.0/27 (no physical NIC related to that network, only NAT to DMZ devices) from both.

We have IPsec to the customer from ISP1 with its physical address, and now we want to enable the option to create the peer also from the ISP2 NIC.

Can we use an unnumbered VTI tunnel with a loopback address from 31.154.12.0/27 and create the peer with the customer with that IP address?

Then it will be managed from BGP and the peer will be able to establish from both NICs with 1 IP.

I didn't find documents explaining this.

0 Kudos
4 Replies
PhoneBoy
Admin

Not clear what the requirement is here.
Do you want to initiate the VPN from either IP or a specific IP?
In any case, it's the Link Selection setting in the gateway object that will control what the VPN is initiated with.

0 Kudos
asher
Contributor

Hi

I want to initiate the tunnel from a loopback address that will be available from BGP from 2 ISP peers.

The tunnel is with a 3rd party device.

0 Kudos
PhoneBoy
Admin

As I said, this is controlled by the VPN Link Selection setting in the gateway/cluster object.
You specify the relevant IP there.

0 Kudos
asher
Contributor

Hi again

Link selection is useful only when peers are managed locally.

In my scenario it's a 3rd party. I followed all the articles and it looks like VTI is the best choice for that.

So is there any detailed guide for the following scenario:

1. ISP uses only 1 public IP

2. We use 2 available public IPs with primary/backup tunnel

3. When we create the tunnel interface on our side, do we create only 1 VTI?

4. On the 3rd party side, do they need to create 2 VTIs? One for each of our public IPs?

5. Our default route 0.0.0.0 is from BGP from both ISP peers

0 Kudos