Hi All,
I'm in a task to configure a S2S VPN using traffic selector and proxy id in almost 10 firewalls.
The customer is asking me to deploy almost 100 traffic selector and almost 100 proxy-id in a specific site to site vpn.
I sugested summarize the traffic selector and proxy id in one line as below:
set security vpn VPN-A traffic-selector VPN-10 local-ip 10.20.20.0/24 remote 10.30.30.0/24
set security vpn VPN-B ike proxy-id local-ip 10.120.120.0/24 remote 10.130.130.0/24
However, the customer don't want do this, because they say that this is one more security layer.
So, now i'm concerned with the HIGH CPU utilization, and impact that use almost 100 traffic selector and 100 proxy id would bring to the performance of the firewall. Please, could you help me?
Thanks,
João Victor