Cisco Support Community
Community Member

impact expected when adding tunnel gateway

What impact can we expect when we add a tunneled command to an existing firewall configuration?

I have attached my configuration to TAC case #622427385 but if you advise I can share it with you?

route inside 0 0 tunneled

Especially concerned about the 50 or so IPSec tunnels and the Employee SSL/IPSec. We have some Employee VPN routing issues with a company we just acquired and we must keep the VPN tunnel to them as a backup until a (backup) circuit is installed.

This firewall is our VPN gateway and our default gateway to the Internet

Perhaps best practice is to have a tunnel gateway in the first place?

Cisco Employee


Hi Charlie,

Basically this command will force the ASA to send the VPN traffic to after it is decrypted.

It depends on your business needs; if the router knows how to get to all the required destinations, it will be a good approach and will reduce the routing table size on the ASA.


Luis Silva "If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
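
An added example (not from the thread or from Cisco): a small Python model of next-hop selection with and without a tunneled default route, showing which flows change when the command is added. It assumes the documented ASA behaviour that the tunneled default applies only to decrypted VPN traffic matching no learned or static route; every address, route, gateway and flow below is constructed.

```python
import ipaddress

# Constructed route tables: (interface, prefix, gateway, tunneled). Addresses are illustrative.
BEFORE = [
    ("outside", "0.0.0.0/0", "203.0.113.1", False),  # standard default route
    ("inside", "10.0.0.0/8", "10.1.1.1", False),     # static route to internal networks
]
# Models adding a tunneled default via a hypothetical inside gateway 10.1.1.1.
AFTER = BEFORE + [("inside", "0.0.0.0/0", "10.1.1.1", True)]

# Constructed flows: (description, destination, arrived decrypted from a VPN tunnel?)
FLOWS = [
    ("VPN client to internal server", "10.20.0.5", True),
    ("VPN client to network with no specific route", "172.16.50.10", True),
    ("VPN client to Internet (full tunnel)", "198.51.100.7", True),
    ("Inside host to Internet", "198.51.100.7", False),
    ("ASA to remote IPsec peer (encrypted)", "192.0.2.20", False),
]

def next_hop(routes, dst, from_tunnel):
    """Return (interface, gateway) for dst, or None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in ipaddress.ip_network(r[1])]
    # Learned/static routes more specific than a default always win.
    specific = [r for r in matches
                if not r[3] and ipaddress.ip_network(r[1]).prefixlen > 0]
    if specific:
        best = max(specific, key=lambda r: ipaddress.ip_network(r[1]).prefixlen)
        return (best[0], best[2])
    tunneled = [r for r in matches if r[3]]
    standard = [r for r in matches if not r[3]]
    if from_tunnel and tunneled:      # decrypted VPN traffic, default only
        return (tunneled[0][0], tunneled[0][2])
    if standard:                      # everything else uses the standard default
        return (standard[0][0], standard[0][2])
    return None

def impact(before, after, flows):
    """List the flows whose next hop differs between the two route tables."""
    changed = []
    for desc, dst, from_tunnel in flows:
        old, new = next_hop(before, dst, from_tunnel), next_hop(after, dst, from_tunnel)
        if old != new:
            changed.append((desc, old, new))
    return changed

if __name__ == "__main__":
    for desc, old, new in impact(BEFORE, AFTER, FLOWS):
        print(f"{desc}: {old} -> {new}")
```

In this model only decrypted VPN traffic that previously fell through to the standard default changes next hop, so the inside gateway must have routes for those destinations, including Internet-bound traffic from full-tunnel clients.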