Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2216 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN Load Balance

nsanders
My goal is straight forward but I'm not that advanced in this area. I'm hoping to see if this is possible -

Our office connects to a remote office via site-to-site VPN. We are hoping to take two 50/10 connections from the same cable provider and load balance a site-to-site VPN over the connections... in theory, providing a 100/20 to end users. Is this possible?

We have ASG120s and ASG220s available. Thank you for your time and your input is greatly appreciated.


This thread was automatically locked due to age.
  • 0
    Hi, nsanders, and welcome to the User BB!

    It isn't possible at present to do this dynamically with the UTM.  Your cable provider may have a way to combine two connections into one.  I think there's a feature suggestion for this, but I don't remember it well enough to find it easily.

    At present, the best you can do is to split traffic between two VPNs.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    I appreciate your help and hope you forgive my ignorance with this. What I'm believing your reply to mean is that I can not dynamically load balance... such as sending traffic over one link instead of the other during peak times, adjusting percentages balanced dynamically as load increases/decreases, etc.

    But you mentioned I can split traffic between two VPNs. Would I be able to setup a VPN over each 50x10 connection and set it to send 50% of traffic over each VPN so it's not dynamically changing? Or would each VPN need it's own subnet and I'd have to put half the users in each subnet to split up the traffic between two connections that way? The second obviously being least ideal... but desperate times call for desperate measures.

    I guess it might be the word "dynamic" with your reply on what can't be done that has me a bit tripped up.
  • 0
    Yes, you would need to have separate subnets on one side or the other. 

    Cheers - Bob

    Sorry for any short responses!  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    See the new thread announcing the 9.1 beta. This feature is being added for some types of connections. 

    Cheers - Bob

    Sorry for any short responses!  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?