Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
764
Views
10
Helpful
3
Replies

Secondary IP for IPsec

MrBeginner
Spotlight
Spotlight

‎10-06-2022 04:43 AM

Hi,

I would like to ask about secondary IP to use GRE over IPsec. our current network using GRE over IPsec but we are apply the IPsec profile in Physical WAN interface. Now i want to create another IPsec tunnel for other branch. I will plan to create secondary WAN IP for second IPsec tunnel to communicate new branch. I will apply ipsec profile to VTI or GRE tunnel interface of secondary IP address. is it possible ? it will conflict previous ipsec profile ?

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎10-06-2022 04:48 AM - edited ‎10-06-2022 04:55 AM

@MrBeginner you could use a loopback interface and specify this as the tunnel source of the VTI, it wouldn't conflict.

Failing that you can use the same IP address as the source for a policy based and route based VPN.

 

 

MrBeginner
Spotlight
Spotlight
In response to Rob Ingram

‎10-06-2022 06:24 PM

 

 

Hi , 

I just want to do below diagram. I will not use same IP address as source but same physical interface. I worry it will conflict.

Secondary.jpg

0 Helpful

Rob Ingram
VIP
VIP
In response to MrBeginner

‎10-07-2022 01:20 AM

@MrBeginner it shouldn't conflict if you've specified the policy based VPN crypto ACL correctly. Provide your configuration if you want further analysis

Customers Also Viewed These Support Documents