AnsweredHot!VPN Connections using Dynamic IP Pool

Author
Bubbabowski
New Member
  • Total Posts : 17
  • Scores: 0
  • Reward points: 0
  • Status: offline
2019/03/14 07:29:38 (permalink) 5.6
0

VPN Connections using Dynamic IP Pool

We currently have a working VPN tunnel with multiple vendors using our outside interface's IP address for our Peer IP.  We would like to dynamically NAT our outbound traffic to a SINGLE IP address in our Public IP block and also have remote VPN connections use this IP for their Peer Address also.  Is this possible?
Example: Currently our outside interface's IP is 1.1.1.1, which VPN partners connect to for their peer.  We would like to dynamically NAT all traffic to use 2.2.2.2, which is in a /26 block of public IPs.  We would request that our VPN partners use 2.2.2.2 for their peer IP... that way when we fail over to the DR site, we wouldn't need to reconfigure the tunnel with another public IP address.  Is this possible?  Thanks
#1
ede_pfau
Expert Member
  • Total Posts : 5927
  • Scores: 466
  • Reward points: 0
  • Joined: 2004/03/09 01:20:18
  • Location: Heidelberg, Germany
  • Status: offline
Re: VPN Connections using Dynamic IP Pool 2019/03/14 10:07:22 (permalink) ☼ Best Answerby Bubbabowski 2019/03/14 10:18:26
5 (1)
According to this post it's possible.
Create a secondary IP address on your WAN interface. Then put
set local-gw <secondaryIP>
into your phase1 to make it listen to this address.

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#2
Bubbabowski
New Member
  • Total Posts : 17
  • Scores: 0
  • Reward points: 0
  • Status: offline
Re: VPN Connections using Dynamic IP Pool 2019/03/14 10:18:13 (permalink)
0
Wow, this is great.  Thank you!  I have been searching all morning, but missed that somehow.
#3
Jump to:
© 2019 APG vNext Commercial Version 5.5