Options
to define additional subnet for site2site vpn
Hello, I setupped site2site vpn connection for one local_subnet. how can I add second local_subnet to this vpn connection. 
Comments
-
Options
Mstavridis
Member Posts: 107
Huh? You need to describe your current network and then give us more detail on what you are trying to accomplish, I would love to help but I don't know what exactly your trying to accomplish. -
Optionsteren
Member Posts: 30 ■■□□□□□□□□
Depends on if this was setup as a route or policy based VPN, as mentioned if you can provide more details I'm sure we can help. Thanks!
-
Options
MrBishop
Member Posts: 229
/30 will give you 2 available addresses per subnet so your subnets will look like
10.1.1.0 to 10.1.1.3
10.1.1.4 to 10.1.1.7
10.1.1.8 to 10.1.1.11
10.1.1.12 to 10.1.1.15
and so onDegrees
M.S. Internet Engineering | M.S. Information Assurance
B.S. Information Technology | A.A.S Information Technology
Certificaions
Currently pursuing: CCIE R&Sv5 -
Optionsteren
Member Posts: 30 ■■□□□□□□□□
Ah ScreenOS.....well I'm going to make the assumption that this is a policy based VPN to a non JUNOS/ScreenOS device. Therefore, you'll basically need to duplicate everything you see on that screen except change the proxy ID to what the second subnet is and then add the corresponding policy for that subnet to point to that new VPN you're creating.
Or, if you upgrade to ScreenOS 6.3, you can use this feature Juniper Networks - Function of a new feature "Multiple Proxy ID support on a Route-Based VPN" (Supported started with ScreenOS 6.3) - Knowledge Base -
Optionsgetrue
Registered Users Posts: 4 ■□□□□□□□□□
thanks for your answers. special thanks to teren. We upgraded firmware and ran below command.
SSG140-> set ike policy-checking
