The only way to handle this that I know of is FBF, in this case to implement 
source-based-routing. You have to pick a different tunnel depending on which 
source address you see.

I don't have access to my systems right now so I can't send an example, but 
there are plenty of examples either in the Juniper KB or on the Juniper forums. 
The common use case is with 2 default routes to 2 different ISPs, and having to 
choose one or the other based on what local IP address is used.

/Per Westerlund

On 14 Sep 2012, at 14:16, pkc_mls wrote:

> On 14/09/2012 11:51, Mark Menzies wrote:
>> 
>> How do you route to the remote nets?  Do you have the 2 routes set up on the 
>> SRX to send it to the st0 interface?  If you do, then we do need NHTB set up 
>> to dictate which VPN the traffic goes down when it arrives at st0.
>> 
> There is only one remote net.
> 
>> Alternatively, set up 2 tunnel interfaces, i.e. st0.0 and st0.1, and bind each 
>> VPN to its own tunnel interface.
>> 
> I can use two tunnel interfaces, and route to the same network via those 
> two interfaces, but then as the remote gateway is the same, I don't have any 
> option to indicate the correct tunnel interface from each local network.
>> Also, can you let us know what this reroute error message is?
>> 
>> 
> something like
> packet dropped re-route failed
> I'll copy the exact message later on.
> _______________________________________________
> juniper-nsp mailing list [email protected]
> https://puck.nether.net/mailman/listinfo/juniper-nsp
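
The FBF approach suggested in the reply above, as an added example that is not part of the original thread and not taken from the Juniper KB. All names and addresses are constructed assumptions: two local networks behind ge-0/0/1.0, one remote network, and two VPNs already bound to st0.0 and st0.1.

```junos
# Constructed values: local nets 10.1.1.0/24 and 10.1.2.0/24 on ge-0/0/1.0,
# remote net 10.9.0.0/24, VPNs already bound to st0.0 and st0.1.

# One forwarding instance per tunnel, each with its own route to the remote net
set routing-instances VPN-A instance-type forwarding
set routing-instances VPN-A routing-options static route 10.9.0.0/24 next-hop st0.0
set routing-instances VPN-B instance-type forwarding
set routing-instances VPN-B routing-options static route 10.9.0.0/24 next-hop st0.1

# Copy interface routes into both instances so next hops resolve there
set routing-options interface-routes rib-group inet FBF-RIBS
set routing-options rib-groups FBF-RIBS import-rib [ inet.0 VPN-A.inet.0 VPN-B.inet.0 ]

# Select the instance by source address; only traffic to the remote net is diverted
set firewall family inet filter FBF-VPN term from-net-a from source-address 10.1.1.0/24
set firewall family inet filter FBF-VPN term from-net-a from destination-address 10.9.0.0/24
set firewall family inet filter FBF-VPN term from-net-a then routing-instance VPN-A
set firewall family inet filter FBF-VPN term from-net-b from source-address 10.1.2.0/24
set firewall family inet filter FBF-VPN term from-net-b from destination-address 10.9.0.0/24
set firewall family inet filter FBF-VPN term from-net-b then routing-instance VPN-B

# Everything else keeps using the normal inet.0 lookup
set firewall family inet filter FBF-VPN term everything-else then accept

# Apply the filter inbound on the interface facing the local networks
set interfaces ge-0/0/1 unit 0 family inet filter input FBF-VPN
```

The st0 interfaces stay in the main instance, so the zones and security policies for the two tunnels are unchanged and are not shown here.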

