I am trying to set up an IPSEC tunnel between two PA-2020s, one on each side. I have the tunnel connecting and can access devices over the tunnel. However, I am trying to access multiple network zones over the tunnel, and I am not sure how to configure that. I've typed up my setup below.
Site-A (main site) has a 192.x.x.x/16 and a 10.10.x.x/16 network. Site-B (branch side) has 10.20.x.x/16, 10.30.x.x/16, 10.40.x.x/16, etc. networks separated by physical interfaces and zones. We have a tunnel bound to our 192.x.x.x/16 network that allows us access to the 10.20.x.x/16 network, and a route of 10.20.x.x/16 traffic destined to the tunnel. However, I am a bit confused about how to get the 192.x.x.x/16 network traffic to route to any of the other networks, 10.30.x.x/16, 10.40.x.x/16, through the same tunnel, or over different tunnels.
Do I need to specify proxy-ID information in the tunnel for the connections to work?
This thread is similar in the line of questioning, but not quite what I am needing help with: Bind multiple VPNs to a single tunnel interface?
If there is any other information I can provide to help make this more clear, please let me know. Thank
I've set up a similar setup with two PANs. Do you have a tunnel interface network, or are you only using the IKE to set up the tunnel? I only added the additional routes to the tunnel interface and it's working fine, if it's also allowed in the policy.