Using Third Party VPN Peers with Many External Interfaces

When you use third-party VPN peers and have multiple external interfaces on the 61000/41000 Security System, you must configure the SGMs and the Management Server.

To configure the 61000/41000 Security System:

1. Run this command on the SMO:

   # g_update_conf_file $FWDIR/modules/vpnkern.conf ipsec_use_p1_src_ip=1

2. Reboot all SGMs.

To configure the Management Server:

1. Open $FWDIR/lib/vpn_table.def in a text editor.
2. Add this line to the configuration file:

   dynamic_ipsec_source_address = dynamic sync keep expires EX_INFINITE;

3. In SmartDashboard, install policy.