![]() ![]() ![]() Need to access only one subnet or one network at the remote site, across the VPN.Remote VPN device is a non-Juniper device.In a policy-based VPN tunnel, you can considerĪ tunnel as an element in the construction of a policy.Ĭommon Reasons to use a Policy-based VPN: In a policy-based VPN configuration,Ī tunnel policy specifically references a VPN tunnel by name. With policy-based VPN tunnels, a tunnel is treated as an object that together with source, destination,Īpplication, and action, comprises a tunnel policy that permits VPN traffic. ![]() Need to access multiple subnets or networks at the remote site, across the VPN.OSPF, RIP, BGP) is running across the VPN Overlapping Subnets/IP Addresses between the two LANs.Source or Destination NAT (NAT-Src, NAT-Dst) needs to occur as it traverses the VPN.VPN tunnel, you can consider a tunnel as a means for delivering traffic, and the policy as a method forĮither permitting or denying the delivery of that traffic. Through which it must send traffic to reach that address, it finds a route via a secure tunnel (st0) interface, which is bound to a specific VPN tunnel. When the security device does a route lookup to find the interface With route-based VPNs, a policy does not specifically reference a VPN tunnel. Choose a Route-Based or Policy Based VPN configuration ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |