- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-10-2011 07:48 AM
greetings all,
I come from a ScreenOS background, and in their world, you can terminate multiple route-based VPNs onto a single logical tunnel interface.
We have 30-40 remote sites with VPN tunnels back to HQ, which will soon be a new PAN firewall. In our lab I have tried to configure multiple IPSec VPNs terminating onto the same tunnel interface and I get the following error:
Tunnel interface tunnel.1 multiple binding with different IKE gateways.
This leads me to believe I will have to create a tunnel interface per each remote site -- is this the case? or is there a configuration setting I am missing that will allow this configuration?
If it is the case, i'm a little worried about having to run a routing protocol on each and every one of those interfaces (we need to dynamically learn routes from the remote sites in our scenario)
Thanks,
Will