Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
511
Views
5
Helpful
4
Replies

FTD with IPSec Site-to-site tunnels from 2 different interfaces

Go to solution
sakoury@dcgroup.com
Level 1
Level 1

‎08-26-2021 06:15 AM

Hello,

is it possible with FTD to do with FTD, to have IPSec tunnels from more than one interface ?

We have a firewall connected to a wan router by 3 interfaces (on the wan router each interface is in a different VRF).

We want to create an IPSec tunnel from each of these 3 interfaces.

is it possible ? (we have FMC), I attached a diagram .

thank you

Labels:
Preview file
365 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎08-26-2021 06:21 AM

sakoury@dcgroup.com 

Well you can only have 1 active default gateway on the FTD. You'd need specific static routes via the other interfaces to the peer you wish to establish a tunnel with.

View solution in original post

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to sakoury@dcgroup.com

‎08-26-2021 06:39 AM

sakoury@dcgroup.com no restrictions, you just select the interface when creating the topology in the FMC.

View solution in original post

4 Replies 4

Go to solution
Rob Ingram
VIP
VIP

‎08-26-2021 06:21 AM

sakoury@dcgroup.com 

Well you can only have 1 active default gateway on the FTD. You'd need specific static routes via the other interfaces to the peer you wish to establish a tunnel with.

0 Helpful

Go to solution
sakoury@dcgroup.com
Level 1
Level 1
In response to Rob Ingram

‎08-26-2021 06:35 AM

Hello Rob,

 

Thanks for your reply,  we will add the static routes via other interfaces. 

I remember with ASA we had the restrictions of enabling cryptomap on only one interface,

does this limitation exists in FTD ?

Thank you

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to sakoury@dcgroup.com

‎08-26-2021 06:39 AM

sakoury@dcgroup.com no restrictions, you just select the interface when creating the topology in the FMC.

Go to solution
sakoury@dcgroup.com
Level 1
Level 1
In response to Rob Ingram

‎08-26-2021 06:55 AM

Thank you Rob, Appreciated

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents