10-30-2008 09:12 AM
I hope I'm explaining this right. What I need is to set MY endpoint IP to something other than the default interface address in a policy based IPSEC tunnel. I am phasing out a VPN appliance that of course has a seperate public IP from my J-series router. I need to make sure that tunnels initiated by our end have the same source address they have always had. Intuitively, this would be defined at the security->ike->gateway level, but I can't find anything.
10-30-2008 08:57 PM
In order to terminate an IPSec tunnel, the IP needs to belong to an interface on the router. That interface is specified as the external interface in the IKE gateway configuration. You can specify an interface with the old IP I would think. But regardless, that IP needs to belong to an interface on the router.
Hope that makes sense.