One of the great new features in XG Firewall v18 that we covered in Part 3 of this series is the new SD-WAN Application and User/Group based link selection capabilities. In this article, we'll review how you can take advantage of those as part of another new feature in XG Firewall v18: Route Based IPsec VPN.
Route Based IPsec (RBVPN) in XG Firewall v18 enables truly dynamic IPsec site-to-site VPN tunnels. With RBVPN, network topology changes do not impact VPN policy, and you no longer need to modify VPN policies if networks are added or removed from your environment, greatly simplifying VPN policy creation and management, especially in larger and more dynamic environments. RBVPN provides full control over routing with support for static, dynamic (OSPF, BGP, RIP) and SD-WAN policy-based routes with RBVPN policies.
The RBVPN implementation in XG Firewall v18 also provides flexibility to set up more complex network address translation using the new NAT rule configuration, such as VPN NAT overlap scenarios. XG Firewall v18 also supports RBVPN tunnel interfaces for SD-WAN policy-based routes to support IPsec and MPLS co-existence with SD-WAN. This makes it possible to enable IPsec and MPLS (even on a non-WAN zone) to both be active at the same time, with options for load balancing on VPN tunnels as well. RBVPN is a well-accepted industry standard and interoperates nicely with other vendors' route-based VPN tunnels, making it easier to tunnel to Azure/AWS and other cloud providers. Ultimately, route-based VPN is the preferred choice for today's dynamic networks.
This video provides a great detailed look at how to set up route-based VPN in XG Firewall v18: Making the Most of Route-Based IPsec VPN Tunnels in XG Firewall.