Forum Discussion
John_Ogle_45372
Jun 30, 2014Nimbostratus
This is great. Let me ask another question before I attempt to recreate this, today. From reading your notes, it appears that you did NOT use a separate subnet for the IPsec tunnel itself which is what is typically done and shown in the LTM guide. Ex: (windows server subnet)192.168.1.0--10.10.10.1/24->ipsec_tunnel<-10.10.10.2/24--192.168.5.0/24 (pool member subnet)
Are you saying that the self-ip address of the LTM and the ip address of the pool member itself are the IPSec tunnel endpoints (IKE peers)? This would mean that you are load balancing to the pool member ip address which is also the ipsec endpoint. Correct?
Finally, I prefer to use SNAT but I don't think that will be an issue.
Thank you,