Hi All,
I have a customer with a VPN setup to my one site with the termination on my SRX240H2. This is a route-based VPN tunnel, and proxy IDs have to be configured on this tunnel. Here is my issue, which would be resolved on newer devices using traffic selectors:
I have two subnets that my customer needs access to. These subnets cannot be grouped. My customer has provided a single subnet for access to my site. However, since I need to use proxy IDs with these subnets configured, I need to configure two tunnels, each tunnel with the following proxy IDs:
Tunnel 1
* customer network, my network A
Tunnel 2
* customer network, my network B
However, because these are route-based tunnels, I now have a static route for the customer network pointing to two tunnels. If traffic comes into Tunnel 2, the device may route it back through Tunnel 1.
Is there a way to solve this issue that I'm missing?
Unfortunately I cannot implement tunnels per routing-instance at this time.