[Sidewinder] Sidewinder to Sidewinder (6.x) IPSEC SAs with floating IPs
Sidewinder moderated discussion list
sidewinder at adeptech.com
Tue May 26 14:42:15 EDT 2009
I have experience only with site to site vpn between sidewinder and
checkpoint but not with redundancy the redundancy for our system ist
hsrp routers on the next hop maybe that can be useful for you.
Cordialmente.
Juan David Osorio G.
Analista IT
Compuredes S.A.
Tel: 2666564-Ext 109
Cel: 3154898478
>>> Sidewinder moderated discussion list <sidewinder at adeptech.com>
24/05/2009 02:28 p.m. >>>
Does anyone have experience with site-to-site gateway Sidewinder VPNs
where on remote IP address may change over time?
We have many VPNs between our Sidewinder 6.x firewalls. They provide
a
backup for our MPLS network and, in some cases, essential site-to-site
connectivity where an MPLS network endpoint is cost-prohibitive. Life
has been great for a long time, but then we added link load balancing
technology to our main site.
This now means that our main site may initiate a VPN from one of three
different IP addresses. Sidewinder does not love this scenario. You
must specify a remote gateway, and ours changes. I have tried
creating
a separate SA for each possible IP, but that does not work.
We are trying to provide access to whole networks behind the
Sidewinders, so I believe "Fixed IP" is our only option. Surely we are
not the only ones doing this. How do you all configure your
environment?
Details:
Tunnel Encaps.
Fixed IP mode
_______________________________________________
Sidewinder mailing list
Sidewinder at adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
More information about the Sidewinder
mailing list