Adding VTI (Virtual Tunnel Interface)


Adding VTI (Virtual Tunnel Interface)

Adding VTI (Virtual Tunnel Interface)
Adding VTI (Virtual Tunnel Interface)
2024-02-12 12:05:29 - last edited 2024-02-12 12:06:46
Tags: #VPN
Model: ER8411  
Hardware Version: V1
Firmware Version: 1.2.0


It would be great if they could add a function to create a VTI (Virtual Tunnel Interface) for IPSec for Site-to-Site VPN. This technology is implemented starting from Cisco / Huawei equipment and on Pfsense / OPNsense. Setting up IPSec is different in that we no longer need to manually create a crypto-map (and therefore an ACL); instead, we create an IPSec profile that is tied to a dedicated tunnel interface (VTI). The difference from the previously used Crypto map is that now there is no need to create an ACL - all traffic entering the tunnel is encrypted (encryption maps are nevertheless still created, but automatically).
Advantages of IPSec VTI compared to classic IPSec:
1. Setting up and controlling encrypted traffic is greatly simplified (you can use QoS, ZBF, etc.). Unencrypted traffic is processed on the virtual interface, encrypted traffic is processed on the physical interface.
2. IPSec VTI supports multicast, and, consequently, dynamic routing protocols - BGP, OSPF, EIGRP, etc.

1 Reply
Re:Adding VTI (Virtual Tunnel Interface)
2024-02-18 02:47:56

Hi @vtuchk

Thank you for your feedback and post. We have forwarded your request to our developer team for evaluation.
To stay updated on firmware releases, we recommend subscribing to the pinned thread on the related page or regularly checking our official website where new releases are typically announced promptly. Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Please note that all requests undergo a thorough evaluation by our developer team before being added to the roadmap. This process may take some time, so please be patient if you don't see immediate results. Features with lower priority or fewer user reports might experience delays in implementation as we gather more feedback and compare it with competitor products.
It is important to understand that submitting a request does not guarantee its implementation; only requests that pass the evaluation will be considered for inclusion in future updates.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Beta firmware got some NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting Manual ★ ☚ (Disclaimer: Short links are used above solely for guidance to TP-Link subdomains and are safe and tracker-free. Exercise caution with short links from non-official members on forums. We are not liable for external content or damage from non-official members' link use.)


Helpful: 1

Views: 83

Replies: 1

Voters 1

voter's avatar