07-16-2017 04:31 AM
i have read that a single phase 1 can establish multiple phase 2 SAs or VPNs .....
1-is this related to traffic selector or there is other senarios ???
2- when using traffic selector , does it create a separate SA for each subnet ??
Solved! Go to Solution.
07-16-2017 05:35 PM
Multiple SA are created in three scenarios:
Policy based VPN when you have more than one subnet on at least one side of the VPN
route based VPN when you configure traffic selectors
route based VPN when you configure proxy-id
Each set of subnets one local and one remote create an SA
Senior IP Engineer - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
JNCIA-Junos JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCDA JNCDS-DC JNCDS-SEC
ACE PanOS 6 ACE PanOS 7