FlexVPN with 2 spokes with 2 same source and destination IP addresses

byme88 · ‎01-29-2023

I was trying to help out a friend's network which has a perculiar FlexVPN tunnels setup and have some questions, the scenarios as describe below:

- A hub configured with 2 spokes which has some identical IP address as destination address in FlexVPN tunnel over 2 IPVPN circuits provided by an ISP (Lumen)

My question is what the purpose of this setup is?

I only see 1 FlexVPN tunnel configured on all 3 routers. 2 spokes with same source IPs point to the Hub.

Anyone have seen this type of setup? and what was the reason behind this perculiar setup.

Thanks,

Byme88

M02@rt37 · ‎03-28-2023

Hello @byme88

Based on your description, it sounds like your friend's network has implemented a hub-and-spoke topology using FlexVPN over two separate IPVPN circuits provided by Lumen. The use of identical IP addresses as the destination address in the FlexVPN tunnel could potentially be used for load balancing or redundancy purposes.

For example, if one of the IPVPN circuits experiences an outage, traffic could automatically be rerouted to the other circuit via the FlexVPN tunnel. Additionally, if both circuits are available, the traffic could be balanced between the two based on some algorithm.

However, without additional information about the network's requirements and design considerations, it's difficult to determine the exact reason for this setup. It's possible that the identical IP addresses are being used for some other purpose as well.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

MHM Cisco World · ‎03-28-2023

I never see this before, can you more elaborate are both spoke behind NAT ?
If Yes then I need to check how the FlexVPN deal with Spokes behind same Public IP
I know how DMVPN deal with this case but for FLexVPN I will check