On Fri 2017-Nov-03 00:57:47 +0000, M Abdeljawad via juniper-nsp <juniper-nsp@puck.nether.net> wrote:
HiI want to create three VPN tunnels with third party peers, I want to use route-based VPN with traffic selector as each tunnel has multiple destinations.So can I use multiple st0 interfaces "one for each tunnel"?
Yes; the routed IPSEC tunnels are bound to subinterfaces to st0, so e.g. st0.1 (unit 1), st0.2, st0.3, and so forth. Set that interface or the IP on the other end as your next-hop for whatever traffic you want to push through that particular tunnel (or run a routing protocol across it if that's preferred) and go to town.
(As I have only one VPN tunnel up out of the three tunnels).
I don't understand this part. I don't see anything that would prevent you from having all of the tunnels up simultaneously unless you want to intentionally shut them for some reason.
-- Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com pgp key: B178313E | also on Signal
signature.asc
Description: Digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
