Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1518 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN "Overwrite Hostname" with two IPs/Hostnames ?

148Points

Hi, today im learned, that if you have two or more WAN IPs both IPs get written into the SSL VPN config file like this:

remote 213.213.213.213 8443
remote 123.123.123.123 8443

These are according to the NICs, like i have 213.213.213.213 on port 0 and 123.123.123.123 on port 1 the Client will try to connect to the port 0 first, then, if not responding to port 1. Correct?

Is it possible to enter more than one hostname into the VPN Configuration where it sais :"overwrite hostname" ? so i would create two subdomain records with remote1.mydomain.com with the first ip and antoher called remote2.mydomain.com with the second ip address?

Or do i need to add the second hostname manually to the VPN-config-file?



This thread was automatically locked due to age.
Parents
  • 0

    That is more likely an Dynamic DNS setup. Use DDNS for this and it will get pushed to SSLVPN as well. 

  • 0 in reply to LuCar Toni

    Hi, thank you for your reply. Im not sure how DDNS could solve my puzzle.

    We have two fix IPv4 adresses. RoadWarrior usually want to dial in from IP1. But when ISP1 is offline they want to be able to dial in using IP2. Now unfortunately we set up IP2 on port 0 and IP1 on port 1 on the XG. Right now, when we don't use "overwrite hostname" both IPs get written to SSL VPN config file. But IP2 first and IP1 second, hence the hardware setup.

    When we roll out VPN config files now i simply want to avoid the users are dialing into IP2 first and use the (actual productive) IP1 as backup. And the best way would be not to manualy edit each config file for each user.

Reply
  • 0 in reply to LuCar Toni

    Hi, thank you for your reply. Im not sure how DDNS could solve my puzzle.

    We have two fix IPv4 adresses. RoadWarrior usually want to dial in from IP1. But when ISP1 is offline they want to be able to dial in using IP2. Now unfortunately we set up IP2 on port 0 and IP1 on port 1 on the XG. Right now, when we don't use "overwrite hostname" both IPs get written to SSL VPN config file. But IP2 first and IP1 second, hence the hardware setup.

    When we roll out VPN config files now i simply want to avoid the users are dialing into IP2 first and use the (actual productive) IP1 as backup. And the best way would be not to manualy edit each config file for each user.

Children