Whether the USG6000 supports configuring multiple VPN tunnels

0

Yes. VPN tunnels are independent from each other.

Other related questions:
Whether the USG2000 supports configuring multiple VPN tunnels
Yes. VPN tunnels are independent from each other.

Whether the USG9000 supports configuring multiple VPN tunnels
Yes. VPN tunnels are independent from each other.

Whether the USG6000 supports LLDP VPN phones
The device does not support LLDP VPN.

Configuring virtual systems on the USG6000 series
The virtual system has the following application scenarios: 1. An enterprise may have multiple departments, and each department has specific functions and responsibilities and requires specific network management policies, which complicate the configuration. As the egress gateway of the enterprise network, the NGFW uses virtual systems to manage departments separately, simplifying the configuration. For configuration details, search for "Web Example for Configuring Virtual Systems to Isolate Enterprise Departments (Layer-3 Access, Virtual Systems Sharing the WAN Interface of the Root System)" in the product documentation. 2. The NGFW functions as the access gateway of the office area of a large campus network to protect the intranet. The intranet has multiple service departments, and the administrator configures virtual systems for each department to implement independent management over department networks. For configuration details, search for "Web Example for Configuring Virtual Systems to Isolate Enterprise Departments (Layer-3 Access, Virtual Systems Having Independent WAN Interfaces)" in the product documentation. 3. When the NGFW connects to an intranet through Layer-2 access, configure virtual systems to isolate enterprise departments and facilitate configuration management by different administrators. For configuration details, search for "Web Example for Configuring Virtual Systems to Isolate Enterprise Departments (Layer-2 Access)" in the product documentation.

Rate limiting for IPSec VPN tunnels of the USG6000 series
On the USG6000 series, rate limiting can be implemented for IPSec VPN tunnels by using two methods. Method 1: If multiple tunnels are established on the USG, traffic conflicts occur in the case of heavy data traffic. In this case, run speed-limit to limit the traffic in each IPSec tunnel. Excess packets are discarded. This ensures that all packets in each tunnel are transmitted properly. If the traffic coming through a tunnel to a local port is heavy, run inbound to limit the traffic coming from this IPSec tunnel to the local port. If the traffic forwarded by the local port is heavy, run outbound to limit the traffic forwarded by the local port to the IPSec tunnel. After a security policy is applied on an interface, you cannot run speed-limit to modify the limited rate in the security policy. If an IPSec security policy is configured in any of the following modes, you can run speed-limit { inbound | outbound } speed-limit to limit the traffic rate of the IPSec tunnel. �?Manual mode �?Template mode �?Internet Key Exchange (IKE) non-policy template mode Method 2: After traffic policies are configured, if the actual address before VPN encapsulation or after decapsulation is matched, the traffic rate of the IPSec VPN can be limited. Assume that the actual address before VPN encapsulation is 10.1.1.1. The configuration method is as follows: [sysname] traffic-policy [sysname-policy-traffic] rule name 1 [sysname-policy-traffic-rule-1] source-address 10.1.1.1 32

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top