PDA

View Full Version : Site-to-site VPN: main address and link selection



strion
2006-04-26, 10:51
Hi,

i had a trouble in setting-up a VPN site to site with 2 NGX Express firewalls single gateway (SC + EM on the same HW). It' didn't work until manually choosing in VPN/Link selection/Always use this ip address: Select Address from topology table with the ip address of teh external interface of the gateway. Both GWs has only one external interface.

I think that the problem was that Main ip address of the object in the both installation is the private address of the gateway and the default setting in the VPN/Link selection/Always use this ip address is Main Address. Is this correct?

I don't know if the following question make sense, anyway here it is: what is the best choice in link selection for a site-to-site vpn with external gateways, managed or not?

Thanks

gladiatorkev
2006-05-05, 08:13
Hi,
It Should Link Selection --. Manaully Defined--> EXTERNAL ip Address (From the Topology Table)..
tHIS PARTICULAR SETTING HAS BEEN ADDDED in NGX and was not present earlier..!

Regards,
KEV