Disable Automatic Tunnel Startup
BOVPN tunnels are automatically created each time the Firebox starts. You can change this default behavior in the settings for the branch office VPN. A common reason to change it would be if the remote endpoint uses a third-party device that must initiate the tunnel instead of the local endpoint.
Disable Automatic Startup for Manual Branch Office VPN Tunnels
- Select VPN > Branch Office VPN.
The Branch Office VPN configuration page appears - Select a gateway and click Edit.
The Gateway page appears. - Clear the Start Phase 1 tunnel when Firebox starts check box at the bottom of the page.
To disable automatic startup for tunnels that use a gateway, from Policy Manager:
- Select VPN > Branch Office Gateways.
The Gateways dialog box appears. - Select a gateway and click Edit.
The Edit Gateway dialog box appears. - Clear the Start Phase 1 tunnel when Firebox starts check box at the bottom of the dialog box.
Disable Automatic Tunnel Startup for a BOVPN Virtual Interface
To disable automatic startup for a BOVPN virtual interface, from Fireware Web UI or Policy Manager:
- Select VPN > BOVPN Virtual Interface.
- Clear the Start Phase 1 tunnel when it is inactivecheck box.
If you clear this check box, the Firebox still automatically restarts the tunnel when it is inactive if any policy uses policy-based routing to route outbound traffic to this BOVPN virtual interface.
You can also disable a BOVPN gateway and all associated tunnels. For more information, go to Disable or Enable a Branch Office VPN.