03-09-2019 05:45 PM
I'm looking at taking advantage of ECMP VPN to attach VM-SERIES to the Transit Gateway. I would like to use tunnel interfaces for this and would like egress/ingress traffic to go through the VM-SERIES appliances.
Can somone that has implemented this design provide some feedback, steps and things to keep in mind?
Thank you,
06-06-2019 08:23 PM
You can build VPN attachments to TGW with VM-Series and enabling ECMP. However, you will have to configure SNAT on the VM-Series firewalls (endpoint source IP will be replaced with the firewalls IPs.
Regards.
06-06-2019 08:23 PM
You can build VPN attachments to TGW with VM-Series and enabling ECMP. However, you will have to configure SNAT on the VM-Series firewalls (endpoint source IP will be replaced with the firewalls IPs.
Regards.
07-27-2019 06:28 AM
Hi,
Just curious if anyone has done this. I have transit gw with three route tables- security, spoke and Vpn. My VPNS are terminated in the TG with two customer gateways one for DC Vpn one for internet vpn. My issue is to get vpc spoke routes iinto my data center routes I i had to send them from my vpn route table. Traffic comes in from Data center via. e-w and leaks back via Transit GAtewat bypassing E-W day inspection
07-30-2019 08:28 AM
Please start a new question for this as this is not related to the question in this post. Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
