Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 7819 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to configure SSL VPN failover

vivekrajput
Hi..

i have two ISP on my ASG, and i want to configure SSL VPN fail over. Can i do this..?? or SSL VPN load Balancing..??


This thread was automatically locked due to age.
  • 0
    Good question, Vivek!

    I never considered this.  I bet that it works on all interfaces, but, unlike the IPsec VPN capability, the SSL VPN cannot re-establish a VPN on another interface without manual intervention.  So, I guess that there's no failover possible.

    Cheers - Bob
  • 0 in reply to BAlfson

    the SSL VPN cannot re-establish a VPN on another interface without manual intervention.  So, I guess that there's no failover possible.
    Cheers - Bob


    Its ok Bob, But how to do manual fail over, because VPN client search ASG HOST name that is one ISP wan IP address but if that ISP goes down than how VPN client will find second ISP IP address....??
  • 0
    Another guess: No multipath rules but a new public FQDN, like ssl.yourdomain.com, with an A record for each IP?

    Cheers - Bob
  • 0 in reply to BAlfson
    Another guess: No multipath rules but a new public FQDN, like ssl.yourdomain.com, with an A record for each IP?

    Cheers - Bob


    Yes, i know about public FQDN, but in testing mode i can not show it. Is there any other trick...??? Because in other UTM you can define both wan interface, and on client site, client can decide by which Wan interface that will connect, by manually put wan IP.
  • 0
    That's your solution here.  Unlike IPsec VPNs, SSL VPNs aren't bound to an interface.

    Cheers - Bob