SRX Services Gateway
Reply
Recognized Expert
wimclend
Posts: 275
Registered: ‎04-03-2009
0

VPNs and Routing Instances

Hello everyone,

 

If I have two customers that I need to maintain VPN tunnels to, but they both have the same internal IP scheme (ie 10.10.10.0/24), is there a way for me to virtualize my SRX so that my Public IP and interface is the same (and in inet.0, or another instance), but have two separate tunnels that terminate in separate routing instances so I can keep each table separate?

 

I really hope that made sense . . . .

 

I seem to recall reading somewhere that currently GRE and IPSec tunnels and FBF can only land in the default routing instance, which seems to indicate that I could not have tunnels terminate inside a routing-instance.

 

Anyone have any thoughts / ideas?

 

Thanks,

 

Will

Distinguished Expert
Screenie
Posts: 1,076
Registered: ‎01-10-2008
0

Re: VPNs and Routing Instances

Difficult, allways with overlapping subnet. But maybe you can work someting out with natting in the tunnel? Translate the complete range of one customer ?
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.