Thanks for the reply. Yes, I did solve it, but in another way.
The remote 9004 MD is connecting to the 9004 VPNC by IPsec VPN and then to the MC. Then on top of this I created an L2 GRE tunnel between the 2 9004 GWs.
So the initial management of the remote 9004 MD is done via the connection to the VPNC, and all the VLANs are passed transparently from the remote 9004 MD via the GRE tunnel to the 9004 VPNC and then pushed to my firewall, where it terminates.
Original Message:
Sent: Nov 04, 2023 06:44 PM
From: TN41
Subject: 9004 default route via ipsec map?
Hi,
Don't know if you've sorted this out yet, but here is a possible solution.
You could create a Nexthop with the IPsec map. Then create a PBR where source is client subnet, destination is any, and action is the IPsec nexthop.
Apply the PBR to your client VLAN.
Tom
Original Message:
Sent: Jun 30, 2023 12:50 AM
From: snoopy78
Subject: 9004 default route via ipsec map?
Hi there,
I have a 9004 (MD) connected to a VPNC (9004), and this is connected to an MM/MC.
The 9004 MD is working fine and I could configure a static route via the MM on the MD so that the clients can reach the internal company LAN.
However, I also want the local clients to use our company's central firewall when accessing the internet, but I cannot configure a 0/0 > IPsec map route, since the MM complains that the mask 0.0.0.0 isn't correct.
ip route x.0.0.0 y.0.0.0 ipsec <MAP Name> WORKS
ip route 0.0.0.0 0.0.0.0 ipsec <MAP Name> Not able to configure
How can I achieve that all client traffic passes through the tunnel?
All devices are on 8.10.0.7, and no Aruba Central is used.
Thank You