We currently have an ASA with multiple IPSec VPN's. I've been looking into replicating this on a MX84 which we purchased to replace the ASA with, but I cannot see how it is going to be possible.
I need to specify the "interesting" traffic for each, and not have all networks tagged with "include in VPN" going across each.
eg. For VPN 1, I need only for local subnet 1 to be able to reach the networks across it, and for VPN 2 I need only for subnets 2 & 3 to reach the networks across it.
Is there a way to specify the interesting traffic source and destination for each VPN Peer ?
I don't want to have to request updates on each external VPN peer to include all my local subnets just so that IPSec can come up....
Go to Solution.
View all community news »