12-28-2025 06:51 PM - edited 12-28-2025 07:13 PM
Hi all,
I have two external gateways on the same firewall, and I’m wondering whether I can reuse the same Client IP Pool for two different tunnel interfaces (on two different external gateways) on the same firewall.
I have already done that via SCM and committed the changes, but I'm not sure whether it'll work or not.
01-05-2026 01:54 PM
I've never tried to do this previously, but how would you handle any sort of routing to the connected endpoints? Just from a support aspect, this seems like it would be a pretty bad idea since you wouldn't be able to connect to these endpoints at all even if the FIB actually allowed this to work in practice. It certainly isn't something that I would recommend you knowingly and actively do.
01-05-2026 02:59 PM
Thanks for the response. I wanted to use the second gateway for the failover only. However, yes, it doesn't make sense as the firewall itself is going to install both subnets in its RIB and FIB with the same metric, and it's definitely a messy routing approach. I'm using a different subnet for every single gateway.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
