Hi Experts,
I am refering to the below link for route-based VPN. I see besides trust/untrust zone, another zone vpn-chicago is created. And the policy is between trust zone and vpn-chicago zone. But the chicago address is attached to untrust zone. It's weird to me that the policy is to vpn-chicago zone but the destination address is attached to untrust zone instead. My question is: is this vpn zone mandatory for a route-based VPN? Or we can use untrust zone for the same? http://www.juniper.net/techpubs/en_US/junos12.1x44/topics/example/ipsec-route-based-vpn-configuring.html
Thanks!
BR/ Claire
↧