Hi I have to build up a IPSec tunnel with a partner. So at Network -> Interfaces -> eth 1/1 I have my connection to internet with a /28 Net. I call it for example 184.108.40.206/28 net. There the router from my isp is IP 220.127.116.11. I will build up my tunnel on ip .146. Now on the eth 1/1 I define the IP 18.104.22.168/28 so the complete /28 net is set.
On Network -> IKE Gateway I can only chose the local IP Address /28 from interface and not one /32 IP. How can I do this?
When I set a second /32 address I get a routing error. So how must I configure this right way?
If you want to select an address in IKE GW object you must define it on interface first.
If you're just using it for NAT (source or destination) it's not mandatory.
Both ways tell PA for which address it should answer to ARP request.
I want to use it in IKE Gateway. But how must I define it?
I use it just as well as NAT. How must look my NAT entry?
And how can I test it?
You simply add another IP to interface. First IP (primary) you define with correct mask (/28 or however it is). All the additional IPs from same subnet come with /32 mask.
To use it in NAT rules you don't have to define it on interface, but you can.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!