IKEv2 Backup IP & Split Tunneling
Hello,
I try to switch from SSLVPN to IKEv2, I have questions about it
- On IKEv2 VPN can we have multiple server IP address? like on SSLVPN I can put primary and backup IP Address for client to connect
If this is possible how to setup the backup IP and how the client with choose which IP they want to connect?
- How to setup split tunneling on client with MacOS when create VPN connection?
I can setup split tunneling on Win 10 OS without user intervention by modifying powershell script
Thanks
0
Sign In to comment.
Answers
Perhaps this can help for item 2:
"There seems no way to configure split tunneling with IPSec/IKEv2 using only native macOS settings. We use the free software IPSecuritas to accomplish this task. – not2savvy May 30 '19 at 9:17"
https://apple.stackexchange.com/questions/361143/native-ikev2-macos-implementation-routes-all-traffic-over-the-vpn-tunnel
Thanks for the info.
Any thoughts about IKEv2 backup IP Address? On IKEv2 settings i can add additional IP address for the server, but i can't connect to it, IP address on windows VPN connection already changed to secondary IP
I believe that only the primary external IP addr is set up to accept these IKE VPN connections.
SSLVPN is the only client VPN connection that I have seen to have specific backup IP addr access.
The old PPTP never did either.
It wasn't until V12.2 that one could officially use a secondary IP addr for a BOVPN endpoint.
• You can now configure Branch Office VPN gateways with secondary IP addresses. [FBX-10580]
Perhaps James will comment here.