Junos
Reply
Visitor
Josh208
Posts: 1
Registered: ‎10-30-2008
0

How can I define the local endpoint IP address in a policy based IPSEC VPN?

I hope I'm explaining this right. What I need is to set MY endpoint IP to something other than the default interface address in a policy based IPSEC tunnel. I am phasing out a VPN appliance that of course has a seperate public IP from my J-series router. I need to make sure that tunnels initiated by our end have the same source address they have always had. Intuitively, this would be defined at the security->ike->gateway level, but I can't find anything.

 

Please help.

 

Josh

Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: How can I define the local endpoint IP address in a policy based IPSEC VPN?

In order to terminate an IPSec tunnel, the IP needs to belong to an interface on the router. That interface is specified as the external interface in the IKE gateway configuration. You can specify an interface with the old IP I would think. But regardless, that IP needs to belong to an interface on the router.

 

Hope that makes sense.

-Richard

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.