
FTD with IPSec Site-to-site tunnels from 2 different interfaces

Hello,

Is it possible with FTD to have IPSec tunnels from more than one interface?

We have a firewall connected to a wan router by 3 interfaces (on the wan router each interface is in a different VRF).

We want to create an IPSec tunnel from each of these 3 interfaces.

Is it possible? (We have FMC.) I attached a diagram.

Thank you

Rob Ingram
VIP Mentor

sakoury@dcgroup.com 

Well you can only have 1 active default gateway on the FTD. You'd need specific static routes via the other interfaces to the peer you wish to establish a tunnel with.


Hello Rob,

Thanks for your reply, we will add the static routes via other interfaces.

I remember that with ASA we had the restriction of enabling a crypto map on only one interface.

Does this limitation exist in FTD?

Thank you

sakoury@dcgroup.com no restrictions, you just select the interface when creating the topology in the FMC.


Thank you Rob, Appreciated
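The routing point from the replies above (one default gateway, plus specific static routes to each peer via the other interfaces), as an added example that is not part of the thread and not Cisco tooling. It does a longest-prefix-match lookup to check that each tunnel peer leaves through the interface its tunnel is bound to. Interface names, tunnel names and addresses are constructed (documentation ranges), and route metrics are ignored.

```python
import ipaddress

# Constructed sample data: (interface, prefix, gateway)
ROUTES_BEFORE = [("wan1", "0.0.0.0/0", "192.0.2.1")]       # default route only
ROUTES_AFTER = ROUTES_BEFORE + [
    ("wan2", "203.0.113.20/32", "192.0.2.5"),               # host route to peer B
    ("wan3", "203.0.113.30/32", "192.0.2.9"),               # host route to peer C
]
# Constructed tunnels: name -> (interface selected for the tunnel, peer address)
TUNNELS = {
    "vpn-a": ("wan1", "203.0.113.10"),
    "vpn-b": ("wan2", "203.0.113.20"),
    "vpn-c": ("wan3", "203.0.113.30"),
}

def egress_interface(routes, dst):
    """Return the interface chosen for dst by longest-prefix match, or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for iface, prefix, _gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[1].prefixlen):
            best = (iface, net)
    return best[0] if best else None

def audit_tunnels(routes, tunnels):
    """List tunnels whose peer is not routed out of the tunnel's own interface."""
    findings = []
    for name, (iface, peer) in sorted(tunnels.items()):
        actual = egress_interface(routes, peer)
        if actual != iface:
            findings.append(
                f"{name}: peer {peer} routes via {actual}, tunnel is bound to {iface}"
            )
    return findings

if __name__ == "__main__":
    for label, table in (("before", ROUTES_BEFORE), ("after", ROUTES_AFTER)):
        print(label, audit_tunnels(table, TUNNELS) or "all peers reachable via bound interface")
```
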
