BOVPN + Virtual Interface
Hey all,
Looking at the documentation, it says that you can't use the same local/remote gateway pair for both a regular BOVPN tunnel and a BOVPN virtual interface.
However, would it be possible to have the two co-exist (between the same two fireboxes) by setting up the gateways to use secondary IPs on the same external interfaces?
Cheers,
-Chris
0
Sign In to comment.
Comments
Hi @Chris_Kelly If it's a different IP, it'll pass the checks and should be allowed. Generally I'd just suggest making additional routes in the tunnel you already have, but it would be possible.
-James Carson
WatchGuard Customer Support
Excellent, thanks @james.carson!
Just for a bit of background since I imagine it sounds a little strange - I like the idea on paper of how BOVPN virtual interfaces work vs manual BOVPN setups, and my current project is to re-subnet our existing setup into new VLANs with different IP schemes than are currently being used, so I figured it would be nice to set up the new networks with the BOVPN VI and have it run in parallel with the existing manual one while i move all the hosts over.
Thanks again!