Filter
Top Products
VPN > Settings
909
SonicOS 5.8.1 Administrator Guide
Route Entries for Different Network Segments
After a tunnel interface is created, multiple route entries can be configured to use the same
tunnel interface for different networks. This provides a mechanism to modify the network
topology without making any changes to the tunnel interface.
The image below shows an example of same tunnel interface for different networks (Routes 1
& 2):
Redundant Static Routes for a Network
After more than one tunnel interface is configured, you can add multiple overlapping static
routes; each static route uses a different tunnel interface to route the traffic. This provides
routing redundancy for the traffic to reach the destination.
The image below illustrates redundant static routes for a network (Routes 2 & 3):
Drop Tunnel Interface
The drop tunnel interface is a pre-configured tunnel interface. This interface provides added
security for traffic. An example of this would be if a static route bind interface is deemed the
drop tunnel interface, then all the traffic for that route is dropped and not forwarded in clear. If
a static route bind to tunnel interface is defined for traffic (source/destination/service), and it is
desired that traffic should not be forwarded in the clear if the tunnel interface is down, it is
recommended to configure a static route bind to drop tunnel interface for the same network
traffic. As a result, if the tunnel interface is down, traffic will be dropped due to the drop tunnel
interface static route.