I need to establish VPNs from a PA5050 to Cisco devices where there are multiple encryption domains at the Cisco end.
I understand using one proxy id on the PAN to match one encryption domain on the Cisco, i.e. connecting route based to policy based VPN devices.
My question is how to set up multiple Proxy IDs from a PAN device to match multiple encryption domains on a Cisco VPN peer.
Do you set up multiple IPSec tunnels on the PAN device, each with one proxy ID using the same tunnel interface and route the remote Proxy ID IP blocks to the tunnel?
To set up this environment on Netscreen Screen OS devices, NHTB is used to bind multiple Proxy IDs to a tunnel. Is there any similar concept for PAN devices?
Thanks for any insight.
Solved! Go to Solution.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!