11-30-2023 02:39 AM
Hi Team,
I wanted to setup Tunnel Monitoring for the Dynamic IPSec tunnels. Peer end IPs are dynamic, we have around 5 to 6 VPNs that we need to monitor. I was going through the SK where it says for Tunnel monitoring, we need to have IP address configured on the tunnel interface used for the VPN. And even the Tunnel interface IP can be any dummy IP which is not in the network. But if we use dummy IP will it be able to ping the peer IP which we need to monitor? Also configuring dummy IP on tunnel interface will have any impact to the tunnel which is already up and running without any issues. Please suggest.
Regards,
Sanjay S
11-30-2023 05:47 AM
if you set your dummy ips to an appropriate subnet (e.g. 169.254.0.1/30 & 169.254.0.2/30) that will create a 'connected' route in your routing table and have monitor packets find their way to the remote end of the tunnel
adding tunnel IPs won't interfere with the existing tunnels
12-04-2023 11:06 PM
Thank you @reaper i will try to set this up and get back to the thread in case if i face any issues.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
