Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 535 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN Failover

raw-rs

Is it just me or when setting up a S2S VPN with 2 ISPs at each end, it would require 4 SEPARATE VPNs to cover all failover scenarios and would this even work?

i.e.

Site A ISP 1 - Site B ISP 1

Site A ISP 2 - Site B ISP 2

Site A ISP 1 - Site B ISP 2

Site A ISP 2 - Site B ISP 1

In theory the last 2 VPNs are optional, but in the real world, I want the primary ISP being used at each site wherever possible because due to the secondary not having the same bandwidth.

Am I missing something or is there an easier way to do this?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to LuCar Toni

    Ok but would I still need those 4 VPNs with the failover groups or do those negate the need for the extra VPNs? I don't need all 4 up at once I just need to cover each scenario of one failing.

    If so it seems crazy as I have 4 other sites and they all have the same setup, which means instead of 5 VPNs at each site I need 20. That is 120 VPNs for what is a very common setup.

    Coming from SonicWall I wish the VPN policy just had a fail over VPN IP built into it. This would simplify things massively.

  • 0 in reply to raw-rs

    Basically the SonicWall equivalent is Ipsec failover groups. Take alook into it. 

  • 0 in reply to LuCar Toni

    I will do again but from first look I still need to create separate VPNs for each scenario, so whilst Failover groups might do what I need, it doesn't make life any easier. Or is that not the case?