IPSEC limit of 10 tunnels

Symptom:

 With IPSEC, there is a hard limit of 10 IPSEC VPN tunnels that can be associated with the same SA gateway.

Problem:

There is a limit of 10 IPSEC VPN tunnels that can be associated with the same SA gateway. Trying to configure more will result in the following error:

>Tunnel interface tunnel.x multiple binding limitation (10) reached. IPSEC Tunnel: Tunnel Name:Zone

>Configuration is invalid

Solution:

Workaround is to create an additional tunnel interface with different IP.

You can then set a tunnel of Phase 2 and associate the same IPSec gateway (creating a new tunnel interface with different ip), gaining another 10 more Proxy-Ids.

Comments:

https://live.paloaltonetworks.com/docs/DOC-1519

Was this article helpful?

Related Articles

Leave A Comment?

You must be logged in to post a comment.