Knowledge Search


×
 

[ScreenOS] What Is an Unnumbered Tunnel Interface and When Should I Use It?

  [KB4492] Show Article Properties


Summary:
This article provides information about an Unnumbered & Numbered Tunnel Interface as well as explains when should they be used.
Solution:

A tunnel interface needs to be configured if you are creating a route-based VPN. When you create the tunnel interface, you have the option of using either a numbered or an unnumbered tunnel interface.

An unnumbered tunnel interface borrows the IP address of the interface that the tunnel interface is bound to. For example, if the Ethernet1 interface has an IP address of 10.1.1.1 and the tunnel.1 interface is bound to the Ethernet1 interface, the tunnel.1 interface will assume an interface IP address of 10.1.1.1.

A numbered tunnel interface uses an IP address space that is on a different subnet than any of the other configured interfaces on the NetScreen device.

‚ÄčNumbered tunnel interfaces should be used when doing any type of NAT in the VPN tunnel. This is especially useful when having overlapping IP subnets between two sides of a VPN tunnel.


 
Modification History:
2017-12-26: Article reviewed for accuracy. Minor changes done. Article is correct and complete.
Related Links: