Benefits of Virtual Tunnel Interface – VTI – It’s Not Your Grandfather’s VPN

Digital server with wires

Ecessa’s network engineers not only stay on top of developments in technology, they help lead them. VTI is one such breakthrough.

Data security is in the crosshairs of most IT departments. As organizations move secure applications and sensitive data to the cloud, they need secure connections between their locations and the cloud application. Virtual Private Networks (VPN) are vital to networking because they provide secure communications between sites (in site-to-site VPN configurations) and make corporate networks available to remote users (via remote access VPNs).

Trouble is, with discreet VPN connections, it’s all or nothing in terms of your traffic rules. Attempting to configure static crypto map access lists and mapping them to interfaces is a complex hassle for network administrators, leading to congestion or poor performance over those simple VPNs.

Enter the game-changing Virtual Tunnel Interface (VTI), a more flexible version of the Virtual Private Network. This specialized type of IPsec VPN is routable and allows the use of static routes to send traffic over the VPN (same as WAN Virtualization). That routing feature allows failing into and out of a VPN, providing more resiliency and flexibility for secure traffic. You can set up static routes per IP address or port and secure the traffic that needs to be secure, allowing for a better use of bandwidth and better control of failover and VPN restart.

Some people call VTI a smart VPN.


  • Simple to setup and integrate into existing network architecture – it is a VPN
  • More routing control – VTI can route specific traffic types and allow failover behavior
  • Improves scaling – fewer security associations than a multiple LAN VPN.

For more information about using VTI, please see Ecessa’s support documentation at Virtual-Tunnel- Interface-VTI- VPN

Or contact our sales team at (800) 669-6242.