10-11-2009 02:47 PM
I have looked through the forum and found a few instances on route VPN’s. I have not found one with a similar configuration as ours.
I have a Head Office with a SSG550 and a Branch Office with SSG20. The SSG550 has 3 interfaces, DMZ, Training and Production. The training interface has full access to the internet where the others have limited access. The SSG20 has 2, Trust and Visitor Wireless. At this stage we are using Policy Based VPN’s. I need to change to Route based from what I have read on the forum.
I need to get a route VPN from Trust in the branch to Production in H/O. I need all the traffic to traverse the VPN. I then need the Visitor Wireless to have another path over another VPN to the H/O and all its traffic to traverse over this tunnel.
Will I have to configure another virtual router and how do I configure the VPNs? I have found that when I run the Route-Based VPN Wizard for the second time, I get an error stating that the public IP is already in use. Where must the tunnels start and terminate? I have read that to get the internet traffic from the branch to the internet the Egress IP. Where do I configure this? What impact with these tunnels have on the performance of the units?
Thanks for your time
11-13-2009 10:05 PM - edited 11-13-2009 10:06 PM
Just follow the steps in this kb
the tunnels will terminate SSG-20 ----->SSG-550
FYI this should be in the firewall section not Routing.